You are here: Home » Reuters » News
Business Standard

Reliance Jio acknowledges systems breach in police complaint

Reuters  |  MUMBAI 

By Rajendra Jadhav and Rahul Bhatia

(Reuters) - India's Infocomm Ltd, which is looking into reports of a major leak of user data, has filed a police complaint alleging "unlawful access to its systems," a police officer involved in the investigation said on Wednesday.

The complaint is the telecom company's first official acknowledgement of a systems breach. has so far denied media reports and user accounts of a leak.

The officer involved in the investigation said filed the complaint on Monday in Navi Mumbai, where it is headquartered.

Jio, part of conglomerate Industries Ltd, did not respond to a request for comment on Wednesday.

Several local sites reported late on Sunday that names, telephone numbers and email addresses of users were visible on a site called 'Magicapk,' which was subsequently taken down.

Jio, headed by India's richest man Mukesh Ambani, rubbished the website's claims and said its subscriber data was safe and maintained with the highest security. It said that data on the 'Magicapk' website appeared to be "unauthentic."

Many local outlets such as Indian Express and MediaNama however, contradicted these claims. They reported being able to cross reference and confirm the veracity of the data on numerous customers known to them.

Experts say has inadequate data protection laws that do not mandate companies or agencies to notify clients if their personal data has been breached. Advocates for stronger data protection laws say this results in data leaks often going unreported.

"There is a clear stigma attached to being hacked, or data being stolen," said Akash Mahajan, a web security consultant in Bengaluru, adding this is why companies in often do not admit to data breaches.

AADHAAR APPEARS SAFE

On Tuesday, reported that police in the western state of Rajasthan detained a man on suspicion of involvement in the breach, which security analysts say could be the first large-scale leak from an Indian telecoms firm.

The officer involved in the matter declined to give further detail on the investigation, but said preliminary evidence indicated the widely-used "Aadhaar" numbers of customers were not compromised in the leak.

Jio, which launched last September, already boasts over 100 million subscribers after drawing in users with months of free service and now cut-price deals. It is not clear whether data on all 100 million plus customers was compromised.

Many users registered for using their 12-digit Unique Identification Authority of (UIDAI) number, commonly known as the Aadhaar number.

The government is pushing for Aadhaar numbers to be used in everything from opening a bank account to filing tax returns. The number, which works in a similar way to U.S. Social Security numbers, is unique to each Indian citizen and stores users' biometric data in a centralized database.

The case was registered under Section 66 of the Information Technology Act, which deals with any unauthorized access to a computer network, and Section 379 of the Indian Penal Code, which deals with theft.

(Reporting by Rajendra Jadhav and Rahul Bhatia; Additional reporting by Sankalp Phartiyal; Writing by Euan Rocha; Editing by Christopher Cushing and Mark Potter)

(This story has not been edited by Business Standard staff and is auto-generated from a syndicated feed.)

RECOMMENDED FOR YOU