[BreachExchange] Route Mobile servers allegedly compromised; company investigating claims

[Destry Winant]

https://telecom.economictimes.indiatimes.com/news/route-mobile-servers-allegedly-compromised-company-investigating-claims/82058931

New Delhi: Hackers have allegedly compromised servers of enterprise
communications firm Route Mobile, even as the company claimed that
data of its customers is safe and its cyber security team is
investigating the matter. According to cyber security experts, data of
companies like Tata Communications, Bharti Airtel and DBS Bank have
been leaked due to the alleged breach in Route Mobile's system.

Cyber threat intelligence firm Pifi Technologies posted on LinkedIn
about Tata Communications data leak.

"Tata Communications suffers data leak, "Cybercriminals" claim to have
sold access to company's servers, over 50GB data still up for sale on
Darknet Forums for USD 9k," Pifi Technologies Chief Technology Officer
Indra Dhaon shared in a post.

Cyber security researcher Rajshekhar Rajaharia said the data does not
seem to have been leaked from Tata Communications but the alleged
breach appears to have taken place at the system of its technical
vendor Route Mobile.

Tata Communications said there is no consequence of the alleged
incident either on the company or its customers.

"For Tata Communications, security for our customers is of paramount
importance. Our global information security team has investigated the
matter. We believe there is no consequence neither for Tata
Communications nor for any of our customers.

"We have already issued legal notices to the concerned parties. We
reiterate our commitment to ensure the safety of our customers data,"
Tata Communications said in a statement.

The hackers have also allegedly uploaded on the dark web transaction
message data of Airtel. The sample data shared was around four years
old.

Data of DBS Bank allegedly leaked online shows banking transaction
messages and one-time passwords sent from the bank to customers.

When contacted, Route Mobile said it is investigating the incident,
adding it has not come across any evidence that shows impact on its
customers' personal data.

"We would like to highlight that there are unverified posts and claims
being circulated about an alleged data breach at Route Mobile. Our
Cyber Security Team is aware of these alleged claims and are currently
investigating the same.

"As of today, we can confirm that Route Mobile's systems are secure
and there is no evidence to suggest that this has any impact on Route
Mobile customers' personal data," Route Mobile said.

The company further said it takes all data security claims seriously
and has "engaged a third party Cyber Security Consultant to
independently verify and audit our findings."

No immediate comments were received from Bharti Airtel and DBS Bank.