Welcome!

VIANET
DATA
BREACH
 Presenters

Samyojan
Sujal Aman Tapendra Dijan Salon Oman Karki
Kayastha Shrestha Raj Joshi Ghale Basnet Rynne
 Acknowledgement

Chiranjibi Adhikari
-Cybersecurity Expert
-Founder & CEO of One Cover Pvt Ltd

Profile Link:
Table of Contents
Presentation objectives

Vianet Background

Reasons for Ips to protect data

The Breach

The exposed information

Impact

Vianet’s Response
 Objectives of this
presentation
Studying Vianet’s breach Analyzing various
case, aspects of data breach,

Attaining presentation Enhancing teamwork

skills, and individual skills,
 Vianet
Background
• Established in 1999,
• Leading ISPs of Nepal,
• Known for affordable and reliable
fiber optic internet,
• First to introduce FTTH
technology,
• Won awards for it’s innovation
and customer service,
• Recently launched Nepal’s first 2
Gbps internet plan.
source: Vianet's about section
 Reasons for ISP to protect your
a.Consumer Protection data
• ISPs act as data trustees for user data, including
private information, internet activity, and browsing
preferences.
• Data breaches can lead to serious repercussions
for users, such as financial fraud or identity theft.
• Confidential data security measures are
implemented to protect private data from
compromise.
• ISPs play a crucial role in fighting cyber threats.
• They filter out harmful content before it reaches
consumers.
• ISPs monitor network traffic for unusual activity,
such as malware or phishing attempts.
• This proactive approach helps protect clients
 Reasons for ISP to protect
b. Business Needs your data
• Data Privacy Laws are becoming stricter worldwide,
requiring companies to handle customer data more
carefully.
• ISPs face significant fines and legal consequences if they
fail to safeguard customer data adequately.
• Strong security protocols help ISPs comply with these
laws and ensure the safety of customer data.
• These protocols are essential for protecting data from
hackers and other malicious actors.
• An ISP's reputation is at risk if it experiences a data
breach, damaging trust with customers.
• Customers expect their data to be secure with their ISP,
and a breach could lead them to switch providers.
• By prioritizing data security, ISPs demonstrate care for
their customers, strengthening relationships.
• Building trust with customers increases loyalty and
encourages them to recommend the ISP to others.
The Breach
Company: Vianet Communication LTD

Date occurred: April of 2020

Gist of the incident: Exposed the personal information

of a significant number of Vianet's customers

Discovery: An announcement on Twitter by unidentified

hackers revealed the incident

This lead to public being aware of the data compromise

of the consumers. source: Link here
 The breach
The hacker had posted some tweets mentioning Vianet communications.
When he first got access, When he started to mock the
Date: April 7,2020
company,
Time: Between 7.30 to 7.50pm
Incident: Data downloaded in json Date: April 7,2020
format and then converted to .csv . And Time: 8.39pm
dumped though pastebin via twitter. Incident: Several tweets against
the company

source: Link here

The breach
When he started to mock another
hacker
Date: April 7,2020
Time: Between 8.42 to 8.54
pm
Incident: Hacker who hacked
Foodmandu was
getting
abused and trolled

source: Link here

*hacker’s tweet (word blurred for vulgarity)*
The breach

When he uploaded the data on dark web

Date: April 8,2020
Time: 11.07 am
Incident: The hacker uploaded the data through onion links
which are links to dark web only accessible through
special browsers like Tor.
Exposed
Information
• Name of customers

• Email Address of
customers

• Location (possibly
residential addresses)

• Phone numbers of
 Impact
• 1,76,518 users got their confidential
data leaked, (source link)
• Concerns about digital data privacy
were raised by this incident among
Nepalese citizens,
• Repetition of hacks like Foodmandu
hack a month ago (see full article)
questions cybersecurity in Nepal,
• Vianet's reputation as a trustworthy
internet service provider suffered
leading damage to its brand image,
• Data got leaked to the dark web
which is a portal for all the bad
Vianet’s Response
Vianet responded through their website by acknowledging the cyber threat and apologizing
for the incident and also requested to follow some safety measures like:
1.Not entertaining calls or SMS from unknown numbers or answer non-verified or
suspicious emails. Don’t give out your private information to such sources,
2. If you receive any calls on behalf of Vianet, please ensure the call is coming from any
one of the following verified numbers before answering our calls:
9801046410
01-5970444, or
01-4217555
Saving these numbers to easily verify calls from Vianet.
3. If you receive any emails on behalf of Vianet, please ensure it has the official domain
“@vianet.com.np”. Kindly do not open or reply to any suspicious emails.
4. Please reach out to us if you have any issues using the following means:
Call Centre: 01-5970444, 9801046410
Facebook Chat Support: fb.com/vianetnepal
Email: customercare@vianet.com.np
source: Link here
Vianet Data Breach

References
Any Queries
Thank You!