gdbassett
commented
5 years ago This case dates back to potentially 2016 when a previous research discovered the vulnerability: https://medium.com/bugbountywriteup/the-full-story-of-the-2018-bsnl-india-hack-85c98e3f10f8.
It's likely they were breached multiple times including by blind SQLi (the vuln from the 2018 report), unauthenticated jboss console that was exploited (https://twitter.com/kmskrishna/status/708404570779623424), and a couple defaced websites (https://twitter.com/fs0c131y/status/970920281345875970). (possibly related to the jboss issue)
As it's unclear where one breach stops and another begins, I'm going to abstain on coding this. It's possible it coded based solely on the jboss exploit screenshot, but that's a pretty thin thread to pull.
https://economictimes.indiatimes.com/tech/internet/bsnl-intranet-hacked-company-fixes-leak-after-alert-by-researcher/articleshow/63158522.cms