Cracking the Reliance JIO data breach case within 24 hours, the Navi Mumbai and Maharashtra Cyber police teams have zeroed in on the prime suspect who will be brought from Rajasthan to Mumbai on Wednesday.
Confirming the developments, Maharashtra Cyber Superintendent of Police Balsing Rajput said that following an FIR lodged by the Navi Mumbai Police, the cyber sleuths got a lead which was thoroughly analysed to pinpoint information on the culprit.
Rajput said that with the help of Rajasthan Police, one man was arrested from Churu district of that state and further investigations were on.
“A team of Maharashtra Cyber, Navi Mumbai Police and Reliance Jio officials are in Rajasthan conducting raids with the help of Rajasthan Police, while a team from QuickHeal is providing technical help in the probe,” Rajput said.
The suspect, identified as an engineering student Imran Chimpa, hails from Sujangarh in Churu, and the Navi Mumbai Police have sought his transit remand from Rajasthan to Mumbai.
He would be brought to Navi Mumbai where the case was registered following a complaint by Reliance JIO.
The proprietor of a local internet service provider in Sujangarh, where Chhimpa was a customer, confirmed Chhimpa had been detained, adding he had received a query from the police about Chhimpa earlier on Tuesday.
In a July 5 post on Frendz4m, an online message board, a person with Chhimpa's Internet Protocol (IP) address and using the handle "imranchhimpa", posted a link to "magicapk.com" saying the site could provide personal user details of anyone with a Jio connection. The post said the data was obtained from original documents.
The proprietor of the local internet service provider said that police asked him for the installation address of that particular IP address, and made him accompany them to Chhimpa's home, where he was later detained.
Chhimpa was not immediately reachable for comment, and his phone was switched off. Police declined to comment on whether there were any other suspects in the case at this time.
A spokesman for Jio said there was no immediate comment on the company's own investigation into the alleged leak.
Major Breach
On Monday, Jio said the data leak appeared to be "unauthentic", and the company's subscriber data was safe and maintained with the highest security.
Some Jio users, though, took to Twitter to say they were concerned that personal information on Magicapk.com could be accurate. Some Indian media said their own checks suggested some leaked data were authentic. The Indian Express newspaper said it was able to cross-verify details on a number of Jio customers it knows.
The Magicapk.com website showed as "suspended" since late Sunday.
Jio launched last September and already boasts over 100 million subscribers after drawing in users with months of free service and now cut-price deals.
Analysts said that if the names, contact numbers, email addresses and Aadhaar numbers of all Jio customers were compromised, it would be a major setback for the telecoms industry's new entrant.
Many users registered for Jio using a 12-digit Unique Identification Authority of India (UIDAI) number, commonly known as the Aadhaar number.
The government is pushing for Aadhaar numbers to be used in everything from opening a bank account to filing tax returns. The number, which works in a similar way to US Social Security numbers, is unique to each Indian citizen and stores users' biometric data in a centralised database.
