HQ/EMEAFind out how we can help your business
Our lead researchers in iZOOlogic observed a data breach incident that could significantly impact Hathway ISP in India.
Hathway, one of India’s leading Internet Service Providers (ISPs) and cable television operators, became subject to a massive data breach that exposed over 41.5 million customers to potential cybercriminal activities.
Hathway ISP allegedly neglected the hacker, causing the publishing of the stolen data.
According to our research, a hacker operating under the pseudonym ‘dawnofevil’ stated that Hathway ISP was not ready to cooperate with them, so it published the stolen data to sell them to interested parties.
The hacker claims to have accessed and subsequently leaked a substantial database associated with Hathway. In addition, our researcher confirmed that the data compromised by the data leak includes names, email addresses, phone numbers, physical addresses, and other personally identifiable details of the ISP’s clientele.
Some of the most critical details the hacker included in the leaked data are customers’ device information, salutations, and support tickets.
The scale of the breach is massive, as the hacker featured a data dump exceeding 200 GB, encompassing 789 CSV files, and compromising approximately 4.6 million accounts. This malicious act shows the severity of the situation and the potential consequences for the affected customers.
Hathway has yet to address or confirm the data leak incident, leaving affected individuals waiting anxiously for more details. Furthermore, the absence of a quick and transparent response from the ISP provider raises concerns about the security measures and the company’s ability to protect customer information.
If the breach is true, the implications will be catastrophic for customers since the leaked data reportedly includes many sensitive details, ranging from full names and email addresses to phone numbers, home addresses, customer registration forms, copies of Aadhaar cards, and other personal information, including Know Your Customer (KYC) data.
This situation is under development, which our researchers will continue to monitor so we can provide the latest information about the data leak. In the meantime, iZOOlogic urges potentially affected people to be mindful and vigilant of unsolicited communications since the data leak includes phone numbers and email addresses that hackers could use for phishing campaigns.
