The company said it had fixed the issues identified by the hacker who posted details of his findings on his Twitter account. He said that BSNL's intranet was vulnerable to an SQL injection, allowing an attacker to dump all the information of 47,000 employees from its database. The French hacker said he was not the first to find this flaw; it had been found by an Indian named Sai Krishna Kothapalli two years ago but his emails and calls to BSNL officers went unanswered. Alderson also pointed out that the BSNL intranet had been attacked by ransomware but whoever was in charge had not even noticed the attack.
展开▼
