Vianet Falls Victim To Data Breach, Customer Data Compromised

The biggest data breach in the history of Nepal
Share It On:

April 08, 2020, Kathmandu, Nepal

Vianet, one of the largest ISPs in Nepal has become the latest victim of a data breach. Hacker(s) have managed to hack the database of the ISP stealing over 1.7 lakhs of customer data. (To be precise, the data of 176518 customers has been compromised)

The data has been leaked by a twitter handle ‘Narpisach’ on the platform itself.

In fact, you will need to use a special browser ‘Tor’ to access the data posted on the dark web. The twitter handle posted the onion link leading to the leaked data.

At the moment, twitter has restricted the account.

Hacked data includes the dump of name, address, mobile, and email of over 1.7 lakhs Vianet users.

Sounds familiar?

Indeed, it is similar to the Foodmandu data hack that occurred around a month ago. The incidents have raised serious questions regarding the security of online service providers in Nepal.

Managing Director of the company, Binay Bohara, said that the data was leaked internally.

‘We only knew about it a while ago. The hacker made it public on a tweet containing leaked data yesterday. We are conducting internal research,’ he said.

He also said the information will only be known after the investigation as to when the data was stolen.

What’s in the Hacker’s Tweet

The hacker posted a series of tweets on Twitter following the data breach. The twitter handle “नरपिचास” (@paapi_kto_mah) seemed to feel empowered as they posted this:

Vianet Data Breach

“Enjoy this, Data hungry people”, the post read. The data dump is hosted on the ‘Onion network’ that encrypts the user’s data in onion-like layers making it impossible to track.

Now, the account seems to have been temporarily restricted. We believe the platform might have taken an action against the account or the tweet.

However, the data is still accessible.

Vianet's Data Dumped Publicly on Tor Network
https://ictframe.com/nepali-isp-vianet-data-breach-leaks-almost-160000-users-data/

Officials at the Nepal Police’s Cyber Crime Bureau said that they were unaware of the breach.

“We have seen some posts about the Vianet data breach on social media,” said Senior Superintendent Nabinda Aryal of the Cyber Crime Bureau. “But, we do not have any official information yet.”

There is no confirmation from the official source of Vianet.

How are People Responding to Vianet’s Data Breach

People are furious and worried regarding the scenarios Nepal’s tech companies are facing. There are serious concerns for the weak implementation of database security of data-based companies, which is most of the top companies in Nepal.

Basanta K. Dhakal writes on IT Entrepreneurs for Nepal:

He is concerned about the security measures the companies should apply for securing customer data. And, for obvious reasons!

Another response is by Rakesh Panthi on a comment that reads:

He says that this particular incident is the one we know about because the hacker chose to leak the data. There must be other several data breach cases that no one knows just because the hackers chose to not share the information.

He further writes that it is the failure of IT security specialists. Also, he points out that the customer’s GPS location could be next in the data breach incidents of the near future. And,  this could possibly be from platforms like Pathao and Tootle.

How to prevent Data Breaches?

Security experts better know how to prevent data breaches and hacks. However, recent cases in Nepal have pointed towards the weak implementation of security systems. Either that or carelessness of security specialists.

As consumers, it is time to know some facts and points that can prevent data breaches.

  • Updating software on a regular basis can prevent attacks. It is essential to update the OS and other applications. The networks become sensitive if not patched.
  • Limiting access to the most valuable data will prevent any employee from clicking malicious links directed towards cyberattacks. Only concerned departments and security specialists should have access to such data.
  • Training the employee is the best way to make sure potential risks stay put. Tech companies need to train their employees about the latest cybersecurity policies and practices.
  • Vulnerability testing and Compliance Management will make sure to identify any loopholes and security misconfigurations. After all, prevention is better than cure.
  • Avoid access to office laptops, files, and software at home. The data breach can occur by any small mistake due to the use of office property and personal data simultaneously. Hence, monitoring devices can help with minimizing the risks.
  • Be careful of Third-Party vendors and make sure to observe them thoroughly. Make sure to check their background and reputation before collaborating with them. They can carry potential risks to your sensitive customer data.
  • Early Notification will help minimize the loss by conducting an internal investigation. Report even minor issues or suspicious acts. This can help solve the issue internally.

Final Say

Tech companies need to strengthen their security systems as soon as possible by the likes of it. More and more tech companies are falling victims to cyberattacks recently and it is concerning for their customers.

Had they sought enough security measures from the start, such data breach incidents could’ve been avoided.


Share It On:

Recent Posts

Citizens Bank 11.11 Deals: Exclusive Discounts on Daraz

Citizens Bank 11.11 Deals: Exclusive Discounts on Daraz

Share It On:5th November 2024, Kathmandu Citizens Bank International Limited signed an agreement with Nepal’s leading online marketplace, Daraz, to

Local Talent Shines in Cybersecurity: Bipu Ojha and Tuan Khuat Win CDU IT CodeFair CTF

Local Talent Shines in Cybersecurity: Bipu Ojha and Tuan Khuat

Share It On:5th November 2024, Kathmandu Bipu Ojha and his teammate Tuan Khuat have emerged as winners in the prestigious

CEDB Hydropower’s Extraordinary General Meeting Concluded: Five Directors Elected

CEDB Hydropower’s Extraordinary General Meeting Concluded: Five Directors Elected

Share It On: 5th November 2024, Kathmandu CEDB Hydropower Development Company Limited has successfully concluded its extraordinary general meeting. CEDB

Government’s Journalist Accident Insurance Program: Apply Now For Your Protection

Government’s Journalist Accident Insurance Program: Apply Now For Your Protection

Share It On: 5th November, Kathmandu The Department of Information and Broadcasting has announced the launch of a new insurance

Nepal Life’s Property Acquisition in Hetauda: A Strategic Move For Growth

Nepal Life’s Property Acquisition in Hetauda: A Strategic Move For

Share It On:5th November, Kathmandu Nepal Life Insurance, a leading life insurance company in Nepal, has recently expanded its footprint

Global IME Dividend Announcement: Key Book Closure Date Revealed

Global IME Dividend Announcement: Key Book Closure Date Revealed

Share It On:5th November 2024, Kathmandu Global IME Bank has good news for its shareholders! The bank has announced a