Reliance Jio data breach: Details of over 100 million customers allegedly leaked

online, investigation underway
Reliance Jio said on Monday it was investigating claims that personal data of over 100 million of its customers had leaked onto a website, in what may be the first ever large-scale data breach at an Indian telecom operator.


Mumbai: Reliance Jio said on Monday it was investigating claims that personal data of over 100 million of its customers had leaked onto a website, in what may be the first ever large-scale data breach at an Indian telecom operator.

Jio, India`s newest telecoms entrant, said that the data on the website, “Magicapk.com”, appeared to be “unauthentic” and that its subscriber data was safe and maintained with the highest security.

But people complained on Twitter about personal information of Jio users being publicly available on Magicapk.com, and some Indian media said that their checks had led them to believe the leak was real.

Jio declined to comment on the newspaper reports.

“We have informed law enforcement agencies about the claims of the website and will follow through to ensure strict action is taken,” a Jio spokeswoman said.

Newspaper Indian Express said it was able to cross-verify details on a number of Jio customers known to them.

“Indianexpress.com checked with some Jio numbers and found that details of numbers bought as late as last week are up on the site. However, it was not clear if all the numbers are available on the site, as a lot of queries were throwing a blank,” the newspaper reported.

Magicapk.com is showing as “suspended” since late on Sunday.

Many users had been registered for Reliance Jio services by using a 12-digit Unique Identification Authority of India (UIDAI) provided number, commonly known as the `Adhaar` number. The Indian government has begun mandating the use of Adhaar for everything from opening a bank account to filing tax returns.

The `Adhaar` number, which works on similar lines as Social Security numbers in the U.S., is unique to every Indian citizen and it stores biometric data of users in a centralized database.

Local tech website MediaNama said that Adhaar information on the website had been redacted. It also said it had independently verified data on the website for multiple Jio numbers, and that the data was accurate for those numbers.

Jio, run by Reliance Industries Ltd, launched last September and has already added over 100 million subscribers.

If the claims of the data breach are true, it would be a big setback for the Indian telecom entrant`s aggressive push led by Reliance Chairman Mukesh Ambani.

Ambani, India`s richest man, through months of free and cut-price deals has propelled Jio into the nation`s fastest growing wireless operator. It added 3.9 million subscribers to its network in April.

Shares in Reliance were up slightly in early trading in India on Monday.

Share on FacebookTweet about this on TwitterShare on Google+Email this to someonePrint this page