In capsule: - Personal details of millions of Jio users have been leaked on Sunday.
- The details were out at website magicapk.com until yesterday evening.
- The details contain customer name, Jio number, Email ID and verification ID.
- There are no reports yet indicating leakage of Aadhaar number linked to Jio sim card.
- The website was down at Sunday midnight when Jio team initiated defensive actions.
- Jio team has assured that their customer's details are safe.
Unfortunately, India has experienced one of the most aggressive data leaks in the history. It can be considered as one of the biggest breaches. Personal details of millions of Jio users have been exposed to the public on the web. The details were available at a website called magicapk.com until yesterday evening. The incident has created a panic situation within customers. The details contained,
- Customer Name
- Jio number
- Email ID
- Verification ID ( used to activate the sim)
Reports have predicted that around 120 million Jio users have been affected. Customers could relax knowing that there are no proofs or reports indicative of Aadhaar number leakage. As jio used Aadhaar numbers to authenticate users, there is a potential vulnerability for a massive data leakage. People came to know about Jio data leakage followed by several tweets in the social media. The tweet was very clear and simple, “ go to magicapk.com, search number to get your details”. The website then fetched the above-mentioned details of the respective number. As soon as Jio got the information of data leak, Jio cyber experts initiated their defensive action within hours. By Sunday midnight, the site magicapk.com was down and the data was no longer available. Right now, the website shows ‘error, the account of the website owner has been suspended’. For now, Jio has denied the data leak. "We have come across the unverified and unsubstantiated claims of the website and are investigating it. Prima facie, the data appears to be unauthentic. We want to assure our subscribers that their data is safe and maintained with the highest security. Data is only shared with authorities as per their requirement. We have informed law enforcement agencies about the claims of the website and will follow through to ensure strict action is taken," a company spokesperson told the popular news media, India Today Tech. Although the data is not available now at magicapk.com, it is obvious that vigilant cyber scammers might have fetched and duplicated the details for any sort of cyber attacks in the future. As prima facie, the data leak seems real and authentic, though Jio denies the authenticity of the leaked data. This could be the reason why in some of the web forums often visited by hackers and scammers, the Jio data is already seemingly on sale. Although name Jio doesn't find any mention in his post. A user named M00n$hine has kept a database containing details of 120 million users of a big Indian telecom firm on sale. According to M00n$hine, the database not only contains user details but also their CDR details which can reveal the customer's outgoing and incoming call-related information. The user is selling details of 20 lakh consumers at a price of 19 bitcoins as per the media reports. Jio team has assured their customers that their personal details will be safe and there is no room to worry!
Disclaimer:
Secure Reading has no confirmed sources for the information shared in the above news/articles. It relies on various unconfirmed inputs, social media claims, and websites for its content, and cannot guarantee the accuracy, timeliness, and genuineness of the same. If there is any error in the news, and once it is brought up to our attention with relevant evidence, Secure Reading is willing to make necessary corrections as applicable.
