This has the makings of another AA situation where despite evidence, an entity initially claims that data were not compromised, only to have to walk back their claims later on.
The New Indian Express reported:
In what seemed to be the biggest data breach in India, a nondescript website called magicapk reportedly had access to data of over 120 million Reliance Jio users. The website gave out details like first name, last name, mobile number, email-id, circle, SIM Activation Date and even Aadhaar Number.
Interestingly, Reliance Jio was one of the few telecom operators to use Adhar ID for sim activation.
You can access their full article here.
Now read this report from Gadget360:
A website that appears to show personal information of Reliance Jio customers has surfaced online. The scale of the alleged database breach remains unclear. Reliance Jio insists that data of its customers is safe.
Several users took to Twitter on Sunday to share URL of a website that lets anyone look up personal information of a Reliance Jio customer. The website is able to show a customers’ full name and their registered phone number for several Jio numbers that we tried.
Details of the circle the number was registered in, and when the phone number got activated are also visible. In some instances, a customers’ registered email address is also available. Gadgets 360 was able to verify the information of several customers’ data that appeared in the results.
It remains unclear who is behind the alleged breach, though the IP address behind the website is Mumbai-based, according to public information on domain registrars. The domain was first registered in May this year.
Read more on Gadget360.
Feeling confused? It’s understandable. How can Reliance Jio claim customer data is safe when people have tested the other site and were able to retrieve accurate information on themselves and known associates?