A recently leaked data from 2021 Airtel’s data breach, shows 18k people having same password

Last year, A huge data breach put all of Airtel’s subscriber data in danger of theft. The Red Rabbit Team hacking group posted online “sample data” regarding up to 25 lakh (2.5 million) Airtel subscribers and advertised the sale of the complete subscriber data for $3,500 in bitcoin. The website hosting the sample data has been taken down, but it appears that the hacker organization still has access to all of the data on Airtel customers.

The airtel data leak came to light after Indian security researcher Rajshekhar Rajaharia tweeted images of the identical sample data. The majority of the information in these screenshots has been obscured due to the sensitivity of the data sets that were exposed. The hacker group uploaded to the internet more than 25 lakh Airtel customers’ data points, including City, Gender, Full Name, Date of Birth, Service Status, Phone number, House number, Aadhaar number, Passport, Voter ID, Father or Husband’s Name, and IMSI (International Mobile Subscriber Identity) number.

Airtel subscribers’ personal information is included in the sample data sets that have been made public from places like Jammu and Kashmir, Punjab, Delhi, Maharashtra, Rajasthan, Karnataka, and more. Rajshekhar also shared a video of an exchange between the hacker gang and Airtel’s Security Incident Response Team (SIRT) from December 2020. This suggests that Airtel knew about a possible data breach for the previous two months or so before the incident. The hackers intended to demand the same sum from Airtel, but it did not seem to be successful.

The database leaked from (last year?) Airtel breach is leaked "de-hashed" today, and I'm astonished about this WTF practice: about 18k users (out of 42k) have the exact same password: Airtel@123 pic.twitter.com/xxCq8ateO8

— Soufiane Tahiri (@S0ufi4n3) August 18, 2022

The database leaked from last year’s Airtel breach was leaked or de-hashed today, where the user’s email id and password were shown. It was revealed that out of 48k customers’ data, about 18k users have the same password which was “airtel@123”. It came as a shock to the viewers thinking how can 18,000 people have the same password? One explanation might be that when an account is created, their environment uses Airtel@123 as the default password, or that their support staff resets customers’ forgotten passwords to Airtel@123. It is also very easy to remember, so as per our guess these can be the reasons behind such a large group of people having the same passwords.