Jio subscriber data leak — some notes
Yesterday, A Twitter user Amit broke the news of Jio Subscriber Data being leaked through a malicious website.
This news caught on and got everyone’s attention because of the nature of data that was being displayed through that website. Names, Email addresses, SIM Activation timestamps, Circle Information and for some, even their Aadhar numbers.
The primary source of this leak seemed to have come from a computer/mobile enthusiast forum, where a user goes by the nickname imranchhimpa posted the initial link to the website.
Even though that user linked to the website, we are still not sure who are the rightful owners and maintainers of the malicious website. Other forum members seems to have faith in the aforementioned user to procure any kind of Telecom operator information, at times, for a price.
I made a post at Reddit about the Jio Data Leak. The malicious website went down frequently after multitude of users started verifying their own/others numbers to check the authenticity of the claim.
A Redditor — /u/lkcf23f — noted that the real source of the leak could be having more sinister data like CDR, by posting the screenshot of an underground data blackmarket in the Onion network — where Jio data was/is on sale.
Apparently this post is from the month of April and we can only assume how long Jio Subscriber data was available for unscrupulous buyers. Many questions remain on how the hackers/leakers could have got hold of critical information like CDR (Call Detail Record).
There were official denials about the veracity of the user data being spewed by the website, despite majority of the people who verified the information (including me) found otherwise.
The nature of the information that was being leaked looked almost current. I checked with a Jio number that was activated just a week ago. The leaks were accurate on the details. There are other Redditors who were astonished, because they had just activated their SIM on the same day — yet the leaks included their information as well.
As of now, the site in question seems to have been taken down by Authorities.