In what could be the single largest data breach in India, 120 million Reliance Jio customers' data is believed to have been leaked online. The breach was discovered on July 9, 2017, after the website Magicapk.com leaked user data – including sensitive information – such as last names, mobile numbers, email ids, and even Aadhaar details of customers.
In a bid to contain the damage, the website was taken down shortly after the news of the leak spread, but not before the website had already divulged customer details – including Know Your Customer (KYC) details – of millions of users. All one needed to download the details was the phone number or name of the Jio customer.
The massive data breach has rightly sparked off concerns regarding the security of customers' personal data — open to misuse. Here's all you need to know about the disastrous leak and why it puts customers at risk:
The reported data breach was exposed sometime late July 9 after social media users started reporting the existence of a portal – Magicapk.com – sharing sensitive data of Reliance Jio customers at a press of a button. The worst fears of these social media trawlers were soon proved right by Forearena which, in its report, exposed the extent of this breach by Magicapk.com.
Website taken down after furore
Post the leak, the website was taken down around 11pm on the same day, but not before the users' data – including personal details such as name, email id, circle, SIM activation date and Aadhaar numbers – was freely available for download. What is most dangerous about the breach? That the information of millions of Jio users could be used for nefarious purposes and passed around in the black market of online data.
Data still available on dark web forums
As per reports, the data has now found its way into the dark web and is on sale on forums frequented by hackers and cyber criminals.
Interestingly, the data cache is being sold not as Reliance Jio user data, but as the "details of 120 million users of a big telecom firm in India".
The posts reportedly also claim that the data has details like the incoming and outgoing call records of users.
Reliance Jio denies data breach
On July 10, however, the telecom operator in question denied the data breach. Speaking to The Wire, Reliance Jio spokesperson pointed out that “prima facie, the data appears to be unauthentic”. He added:
"We have come across the unverified and unsubstantiated claims of the website and are investigating it. Prima facie, the data appears to be unauthentic. We want to assure our subscribers that their data is safe and maintained with the highest security. Data is only shared with authorities as per their requirement. We have informed law enforcement agencies about the claims of the website and will follow through to ensure strict action is taken."
Who is behind the leak?
With the probe underway, it is still not clear who is behind the colossal data breach that has put the personal information of more than 100 million users at the mercy of hackers and cyber criminals. An initial probe by EY into the breach has revealed "that all of the telco’s apps and sites were secure and that the breach, if any, could have been at the external vendors’ end".
A closer look at the website's origin also reveals that it was registered as early as May 2017 under the Godaddy domain.
Should you be concerned?
Even though this is not the first case of leak of user data, including the crucial Aadhaar numbers, customers should be concerned because a data breach of such magnitude is no trivial matter. Experts have warned that Aadhaar numbers when leaked pose a huge risk. The fact that this data cache reportedly contains phone numbers, email ids and names of customers should have users all the more worried.
With this data out in the wild web, it's not just cyber criminals you should be worried about. Anyone with your data, especially with a criminal intent — offline or online — can have new SIM cards issued in your name and indulge in fraud using your details in multiple ways.