Indian 4G newcomer Reliance Jio is looking into allegations that up to 100 million of its customers have been the victims of a leak of personal data.
The report, first published on Forearena.com, claimed that the user data had been uploaded to the now-suspended independent site magicapk.com. Twitter users corroborated that the personal details of Jio customers had been made available via this site.
Following these claims, the Indian press has stepped in to verify the reports, with The Indian Express newspaper confirming that the site had released accurate information regarding subscriber names, numbers, email addresses, regions and activation dates.
The leaked information could be a significant setback for Jio, which launched in September last year and has accrued over 100 million subscribers in this time. For its part, the operator has claimed that the released data was “inauthentic”, and asserted that its subscriber data is secure.
A company representative stated: “we have informed law enforcement agencies about the claims of the website and will follow through to ensure strict action is taken.”
The website MediaNama has claimed that, in addition to the aforementioned personal details, the leak has also disclosed the Aadhaar numbers of Jio customers. If this allegation is true it would be particularly damaging; these 12-digit numbers are unique to every Indian citizen, and are used to verify identity for high security operations such as opening bank accounts or filing tax returns.
The Aadhaar numbers are stored on a central database, and contain biometric data. Many Jio subscribers used their Aadhaar number to register for the operator’s services.