A hacker operating under the alias ‘dawnofdevil’ has asserted responsibility for a massive data breach targeting Hathway, one of India’s largest Internet Service Providers (ISPs) and cable television operators.
The hacker alleges to have leaked a massive database associated with Hathway, citing a vulnerability in the Laravel framework application, the content management system (CMS) utilized by the company.
According to the hacker’s message posted on the breach forum, the Hathway data leak, which reportedly occurred in December 2023, exposed sensitive information belonging to over 41.5 million customers.
Hathway Data Leak Details
The Hathway data leak includes names, email addresses, phone numbers, physical addresses, and other personally identifiable information. A staggering 200 GB+ of data has been dumped, comprising 789 CSV files, as claimed by the hacker in a message posted on a forum.
Click here to follow our WhatsApp channel
The hacker, addressing the BreachForums community, stated, “Hello BreachForums Community, today I have uploaded the Hathway.net Database for you to download, thanks for reading and enjoy!
To validate this claim, The Cyber Express team reached out to Hathway officials. However, as of the writing of this report, no official response has been received, leaving the claim unverified.
If proven true, the implications of this breach are far-reaching. The leaked data includes comprehensive details such as full names, email addresses, phone numbers, home addresses, customer registration forms, copies of Aadhaar cards, and various other personal information, including Know Your Customer (KYC) data.
Given Hathway’s role as a prominent internet provider in the country, the fallout from this Hathway cyberattack could extend beyond individual privacy concerns.
India’s Vulnerability to Cyberattacks
India has been a consistent target for cyberattacks, accounting for 13.7% of all global cyber incidents.
This is not the first instance of an Indian organization facing such threats. In 2023, a hacker group known as “Team Insane PK” claimed to have successfully executed a cyberattack on Amazon India, though this claim remains unverified.
One contributing factor to the increasing frequency of cyberattacks in India is the alarming cybersecurity skill gap.
With nearly 30% of cybersecurity job vacancies in the country remaining unfilled due to a severe shortage of skilled professionals, organizations become vulnerable to such breaches.
The cybersecurity skill gap is exacerbated by the misconception that only individuals with a technical background in IT security or engineering can pursue careers in the field.
To address this, it is crucial to emphasize that the demand for cybersecurity professionals extends beyond those with traditional technical backgrounds.
As The Cyber Express continues to investigate this ongoing situation, we will keep our readers informed of any developments in this major data breach affecting Hathway.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
