Home>CERT-LatestNews>Website that leaked Reliance Jio customer data pulled down, Jio claims user data secure

Website that leaked Reliance Jio customer data pulled down, Jio claims user data secure

CERT-LatestNews Security News ThreatsCybercrime Uncategorized
Home > News > Website that leaked Reliance Jio customer data pulled down, Jio claims user data secure

Data of nearly 135 million Reliance Jio users was compromised and readily visible on the website.


Reliance Jio users faced one of the biggest data breaches when a website that goes by the name of Magicapk managed to hack into and secure the data of nearly 135 million Reliance Jio subscribers. All data of Reliance Jio users was readily visible on site – including, full name, telecom circle, mobile number, SIM activation date and time, and in some cases, even the Aadhaar number. However, within a few hours of the leak, the Magicapk website seems to have been suspended and is no longer accessible.

Accessing the website results in an ‘Account Suspended’ notification. Previous reports suggested a different error and it’s unclear if the website has been pulled down by the creator or the account suspended owing to the breach. No details regarding the owner of the domain have surfaced though the website is known to be hosted at GoDaddy.

The website was first spotted by FoneArena, after it surfaced over Twitter. Post the news breaking, Reliance Jio issued a statement assuring users of the highest standards of security employed to protect data. The entire statement reads, “We have come across the unverified and unsubstantiated claims of the website and are investigating it. Prima facie, the data appears to be unauthentic. We want to assure our subscribers that their data is safe and maintained with highest security. Data is only shared with authorities as per their requirement. We have informed law enforcement agencies about the claims of the website and will follow through to ensure strict action is taken.” ALSO READ: 135 million Aadhaar numbers made public by four government portals: CIS report

However, despite the statement assuring users of high security and data being unauthentic, the users who visited the website before it was taken down and entered their credentials were able to easily access their data. None of the details presented were unauthentic. Clearly, the entire Jio database was up on the site and easy to access by anyone wishing to check out the details. Though this is not the first such data breach in the country, it is definitely the first time a telecom provider’s data has been revealed in such a massive leak on the internet.

As Reliance Jio statement also mentions action against the wrong-doers, it is unclear if the website has now been pulled down as a result of the prompt action on the part of law enforcement agencies or by the private owner’s volition. Many Reliance Jio users took to Twitter to talk about the leak. Unfortunately, data security remains one of the least important topics in the Indian cyber space, with constant breaches being common.