Reliance Jio stated today that it is investigating allegations that private data of more than 100 million of its customers had leaked on a website, if it is true then it will turn out to be the massive data breach at an Indian telecom operator.
Jio in denial mode stated that the information which is available on the Magicapk.com website is unauthentic and hence its subscriber data is safe and kept in the highest security.
Recently people complained on Twitter about their data being publicly available on Magicpk.com; also several Indian media checked the authenticity of such complaints and found out the leak was genuine.
According to Reuters, Jio refused to clarify on the press reports.
A Jio spokesperson said, "We have informed law enforcement agencies about the claims of the website and will follow through to ensure strict action is taken."
According to MediaNama, "Last night, a website called Magicapk.com went online, allowing anyone to search for user identification data (Know Your Customer; KYC) of Reliance Jio customers. It had the following KYC information: Name, Mobile Number, Email address, Date of activation, Circle and Aadhaar number, but thankfully, the Aadhaar information was redacted".
(excerpts from MediaNama)
As the news broke on social media platforms, soon after 11 pm yesterday the website was taken down by its hosting provider.
Magicapk.com is still showing as "suspended."
A large number of Reliance Jio users had been registered by using a 12 digit Adhaar number, provided by Unique Identification Authority of India (UIDAI). Recently the Government of India has begun mandating the use of Aadhaar number for all from an opening a bank account to filing tax returns.