On Friday, July 5, Bharti Airtel, led by Sunil Mittal, categorically denied any security breach or data compromise following reports of an alleged customer data leak. The company asserted that these allegations were a deliberate attempt by certain vested interests to damage its reputation. Airtel stated in a post on X (formerly Twitter) that, "There has been a report alleging Airtel customer data has been compromised. This is nothing short of a desperate attempt to tarnish Airtel’s reputation by vested interests. We have done a thorough investigation and can confirm that there has been no breach whatsoever from Airtel systems."
Several media sources reported that insiders from Airtel confirmed that the alleged hacker has not provided any tangible evidence to back up his claims and is misusing the narrative to harm the company’s image.
The incident in question emerged on July 4, when unverified reports surfaced suggesting that the data of up to 375 million Airtel customers, including phone numbers, email addresses, and Aadhaar numbers, were purportedly being sold on the dark web. The hacker, known by the alias ‘xenZen’, allegedly listed this database on a dark web forum, asking for $50,000 for the information. XenZen claimed that the breach happened in June 2024 and provided a sample of the data. Additionally, he reportedly admitted involvement in a previous breach of the diplomatic passport holders' database maintained by the Union Ministry of External Affairs.
This is not the first time Airtel has faced such allegations. In 2021, cybersecurity researcher Rajshekhar Rajaharia alerted the public that data of over 2.5 million Airtel customers had been posted on a threat actor’s website named ‘Red Rabbit Team’. That data was removed after three months, and Airtel denied any breach at the time as well. Other major Indian telecom companies, such as Jio and Vodafone Idea, have also reportedly faced similar data breach allegations in the past. These incidents underscore the significant risks associated with the exposure of personal data, which can lead to identity theft, financial fraud, and unwanted marketing calls.
The dark web, where this kind of data is often traded, is a part of the internet that is not indexed by conventional search engines and is accessible only through specialized software like Tor (The Onion Router). While it can support legitimate activities such as anonymous communication for activists, journalists, and whistleblowers, it is also notorious for hosting illicit activities, including drug trafficking, illegal arms sales, and various forms of cybercrime.