The Story Of Vianet’s Data Breach | The Full Case Story

Officials at Vianet confirmed the breach but refrained from providing more details
Share It On:

April 08, 2020, Kathmandu, Nepal

One of the leading ISPs of Nepal, Vianet Communications, faced a massive data breach exposing its more than 1,70,000 users’ data. Well, to be exact, all its 1,76,519 user’s data. The leaked data includes the user’s email address, phone number, and address. In this post, we’re going to let you know actually what had happened.

Yesterday, Apr 7, a guy managed to enter the server of Vianet Communications between 7:30 to 7:50  by exploiting a bug. Then he downloaded the data in .csv format. After downloading the data, he put the data in Pastebin and tweeted, saying, “Who comes first, that will only get,” along with the link to Pastebin.

nepali isp hackers tweet

Then, he tweeted, asking if some changes have been seen in the system of Vianet at 8:39 pm. Though he tagged three accounts, none of them were official accounts of Vianet Communications.

Vianet Communications Hackers Tweet

At 8:42, he tweeted again with vulgar literature. He said that @mr_mugger, who had leaked the details of more than 50,000 users of online food delivery service, ‘Foodmandu’ was his disciple. He stated that he was going to do big mess in 2020. And that is what he did with the Vianet’s users’ data. He also stated that there would be fair of scandals. He ended the tweet with ‘Jay Nepal.’

Vianet Data Breach Tweets

After a minute at 8:43, he again tweeted tagging @mr_mugger. In this tweet, he said to @mr_mugger that data he leaked wasn’t as long as the data he has got.

Vianet Cybercriminals Tweets

At 8:54 pm, after 11 minutes of the previous tweet, the hacker (नरपिचास) retweeted the tweet of @mr_mugger which said “Data is beautiful” saying that data is not just beautiful but entertaining too.

Vianet Cyberattackers Tweets

Next morning, 11:07 AM on Apr 8, he twitted saying “Humans needy of data, take enjoy {onion link to data}”. In case you don’t know, onion links are the links to the dark web that can only be accessed from special browsers like the ‘Tor Browser’. They are different from normal links in the sense that, the data is stored in the computer of the data owner, not in the servers where normal websites are hosted.

Vianet Data Leaked Tweets

Then, at 11:08 am, after a minute, he replied to the tweet with Pastebin link saying. “Data of more than one lakh seventy thousand five hundred people has been leaked, and no one cares. This is called a country.”

Vianet Data Compromised Tweets

Vianet Data Theft Tweets

Then, at 11:55 am, he retweeted his tweet where he had mentioned wrong accounts assuming the account of Vianet Communications saying, “This was it @VianetFTTH.”

Vianet Customer Data Compromised Tweets

He has no twitter activity after it, and his twitter account is temporarily restricted for unusual activities.

Consequences of the data breach

After the data breach, various people will try to scam users. Users may receive spam emails and calls from unknown numbers. Multiple people will claim to be representative of Vianet and try to spam you. They’ll try to offer you fake offers. Don’t fall for them.

We suggest you confirm the numbers and emails before responding to them. Although the passwords haven’t been leaked, please change your password for extra security.

Vianet’s Statement on Data Breach

After 24 hours of a data breach, Vianet Communications issued an official statement acknowledging the incident. The statement signed by Binay Bohara, Managing Director of Vianet Communications, stated that the company faced a cyber incident that resulted in the leaking of personal data including name, phone number,  address, and email address. The statement said that the loophole has been fixed, and the company has reported to the Cyber Bureau.

The company asked for the support and requested its customer not to answer calls from unknown numbers and verify if the numbers are really from Vianet Communications if someone says to me calling from Vianet. Similarly, the company requested to make sure that the email claiming to be from Vanet comes from an email address ending at ‘@vianet.com.np’.

In the end, the company apologized for the incident and said to update if any significant developments are made on the case.

Vianet Official Statement On Data Leaks Incident

What do we say about the incident?

May any company suffer the data breach, the one who should suffer are the consumers. So, a strong policy against cybercriminals should be brought by the government as soon as possible. Also, the companies should invest in their security and fix the loopholes as soon as it is found. The companies should reward the people who find the loopholes, and their efforts should be appreciated.

According to a person in Ask Buddie, the biggest tech community in Nepal, he found the loophole through which he could extract the same details as leaked now and reported to Vianet. The bug was fixed only after three months, and they didn’t even reward him.

So, we request the companies to invest a reasonable sum of money in security and reward the white hat hackers who help them in fixing the loopholes.

We wish may the customers never get their data compromised.


Share It On:

Recent Posts

Dursikshya Education Network Successfully Concludes Finals of Discovery Education & Edutech’s National Coding Competition – Nepal Edition

Dursikshya Education Network Successfully Concludes Finals of Discovery Education &

Share It On:22nd December 2024, Kathmandu Dursikshya Education Network, in collaboration with Edutech India, Discovery Education UK, and ICT Frame

Child Online Protection in Nepal: Insights From UNICEF and ChildSafeNet Dialogue

Child Online Protection in Nepal: Insights From UNICEF and ChildSafeNet

Share It On:21st December 2024, Kathmandu A high-level dialogue on child online protection organized by UNICEF, in partnership with ChildSafeNet,

Support Your NPL Team With Ncell’s Exclusive PRBTs

Support Your NPL Team With Ncell’s Exclusive PRBTs

Share It On:20th December 2024, Kathmandu As the finale of the Nepal Premier League (NPL), the ‘Festival of the Himalayas,’

Garima Bank Cash Dividend Proposal: 5% for Shareholders

Garima Bank Cash Dividend Proposal: 5% for Shareholders

Share It On: 20th December 2024, Kathmandu Garima Bikas Bank has announced its decision to offer a cash dividend to

Citizens Bank and SM Dental Partnership: Exclusive Discounts for Digital Payment Users

Citizens Bank and SM Dental Partnership: Exclusive Discounts for Digital

Share It On: 20th December 2024, kathmandu Citizens Bank International Limited has formed a strategic partnership with SM Dental and

Nabil Bank Toll-Free Number for Easy Banking Support: 24/7 Access to Assistance

Nabil Bank Toll-Free Number for Easy Banking Support: 24/7 Access

Share It On: 20th December 2024, kathmandu Nabil Bank Limited has rolled out a new initiative to improve customer support