A vulnerability in Reliance Jio's JioMoney wallet app exposed personal data of JioMoney users, according to an independent security researcher. Users' Aadhaar numbers were exposed, along with details like their date of birth, when they verified their SIM card, and their JioMoney account MPIN. MediaNama reached out to Jio for comment, and in response they have sent the following statement: “ We have come across an unverified and unsubstantiated claim of personal data of JioMoney users being exposed. We confirm that there is no such issue in JioMoney. Prima facie, the claims appear to be mischievous attempts to malign our services. We assure our users that their data is safe and maintained with highest security.” C.S. Akshay, the researcher, started scrutinizing JioMoney's code when the service's customer support was unable to resolve a grievance. "Absolutely irritated, I messed with Jio Money with [which] the issue resided and boom," Akshay said, "a vulnerability was discovered!" Akshay put up a microsite where these details could be auto-fetched, but took it down — and deleted his tweets on the subject — after getting a call from Jio. While Jio does not publish details about how many users are enrolled on JioMoney, the company encourages all its subscribers to download the entire Jio suite of apps, which includes JioMoney. pic.twitter.com/uL3ynzRGTt — Anivar Aravind (@anivar) July 3, 2018 JioMoney partners JioMoney also runs a payments bank, and is partnered with several insurance companies that lets users make premium payments. It also has partnerships with Uber,…
