Sanjay Soni, a popular right-wing social media figure and self-claimed crusader for the Hindu community, constantly engages in online tiffs with critics of Prime Minister Narendra Modi, tweets in support of his party, and shares a constant stream of cybersecurity-related content to his 44,000 followers.
On May 16, Soni tagged Zivame, an Indian online lingerie shop, claiming it had been hacked and that data belonging to 1.5 million “Hindu girls” leaked.
“They compromised Hindu girls data,” he wrote.
“It wont help you to stay safe now as the details [are] already published on several muslim dominant groups,” Soni added, urging customers to register police complaints against the brand. “And all details [have] been shared to Muslims already.”
The tweet was viewed over 1.2 million times.
Soni also tagged Kapil Mishra, a leader in Modi’s Bharatiya Janata Party (BJP), and claimed to have shared information about the breach with him, roping in a Hindu nationalist politician who is vociferously anti-Muslim.
But Soni’s fearmongering doesn’t appear to be entirely on the level.
In an effort to stoke fears of technological threats to the privacy and safety of Hindi women—their intimate data shared with Muslims—Soni became the focus of a police investigation, which is looking into whether he was involved in the breach.
And the data, which Soni hyped and which the Daily Dot reviewed, wasn’t the targeted attack on Hindu women he claimed.
Under the rule of Modi’s BJP, Hindu nationalism surged in the nation, with Muslims a target of online ire and violent, physical attacks. While repressing Muslims, at the same time, Hindus have built a cult of victimization.
The nation has been beset by an online ecosystem that creates fear, a miasma of misinformation that can be summed up by Hindu nationalists’ most often-used slogan, “Hindu khatre mein hai.”
“Hindus are in Danger.”
The phrase covers a wide range of concerns, from fertility rates to interfaith relationships, all of which contribute to a Hindu demographic panic pushed by the far right. And the personal, private data of Hindu women shopping for intimate clothing outed to Muslims would clearly contribute to that fear.
The National Commission for Women (NCW), the government body protecting and promoting the interests of women, tweeted about the breach and requested that Zivame come before it on May 29.
NCW’s notice alleged the data breach by Zivame would make Hindu girls a target for Islamic groups practicing love jihad and human trafficking
But was Soni merely trying to stoke a panic or actively behind it?
Soni was arrested by the Rajasthan police on June 30 for alleged data theft and stirring up communal disharmony.
He was charged under two acts of India’s criminal code that punishes deliberate acts intended to outrage religious feelings and promote enmity between religious groups.
Soni’s brother, another Hindu right-wing personality, tweeted that his brother was detained by police. “These people claimed to be from STF [Special Task Force] and said that there is a complaint against him for sharing nudes of girls (baseless).”
“Police told me I hacked the company,” Soni told Daily Dot in an interview, adding that he was beaten up in detention and that the police tried to coerce him into confessing.
A complaint viewed by the Daily Dot registered against Soni by two Zivame employees alleged that on April 24 a hacker reached out and claimed to have infiltrated their server.
“The hacker exploited the company’s system vulnerabilities and threatened to obtain data pertaining to Hindu women, demanding money in return,” the police complaint said
On May 19, journalist Kalim Ahmad held a Telegram conversation with the alleged hacker (@weleakdatabase). When asked if they were aware that the sample data was being used to spread misinformation and stoke women’s fears, the hacker stated that “most of my buyers use [the data] for marketing purposes only.”
The hacker informed Ahmad that the breach was “not intended to harm the company’s database” and that they “responsibly reported the vulnerabilities to the company” but the company ignored their concerns, which prompted them to make the data public.
The Rajasthan police told media organizations that the Twitter handle Cyber Daku extorted $1,500 from Zivame. They say $1,000 of that was transferred to Soni and that the transactions were carried out with cryptocurrency.
“He has received crypto payments. We just have to link it,” Ummed Solanki, of the Cyber Crime Police Station in Jaipur City, told Daily Dot regarding the ongoing investigation.
“I received money in the form of cryptocurrency,” Soni argued. “I proved to the court that this was transferred to me as support for my social programs.”
He says he doesn’t know who paid him.
Solanki said Soni is a repeat offender.
“The way he tried [spread misinformation online with] the breach, he has done that earlier also. This is in his nature.”
“I never made it a Hindu-Muslim issue,” Soni told Daily Dot.
But on May 25, Soni posted screenshots of what he claimed was leaked data from the website of the Indian Railway Catering and Tourism Corporation’s (IRCTC) website, a government entity that provides train ticketing and catering services. Once again, he claimed details of Hindu women were scraped and sold on the dark web and in Muslim countries.
The Daily Dot accessed the sample Zivame data of around 1,500 users, which was being sold on Telegram. The data had information—including names, addresses, phone numbers, and email addresses—on both Hindu and Muslim customers, unlike Soni’s claims on Twitter.
The Daily Dot reached out to over 100 women from the sample data—Hindus and Muslims. No woman was aware of the breach but confirmed their personal details in the sample data to be correct.
Karan Saini, an independent security researcher based in Bangalore, said it makes no sense for a cybercriminal with financial motives to breach Zivame and sell stolen data to Muslims since Zivame is not a Hindu-specific website.
He said that to pull off a breach that only targets Hindu women, a hacker would have to run a very complex and error-prone machine-learning algorithm to extract that data.
“This algorithm would have to be trained on what we know to be Hindu names. So you will need a list of maybe a hundred thousand names and even then it’ll be wrong,” said Saini.
Zivame doesn’t ask users for their religion anywhere on the application or website.
When pressed, Soni backtracked on his claim that the sample data only had the data of Hindu women.
“There were Christian, Muslim, and Sikh women in the sample database,” he told Daily Dot, adding that he only wrote “Hindu women” in his tweet because he is working for their safety.
Since getting arrested by the police, Soni has stopped claiming the Zivame data breach was only targeting Hindu women.
But he still may have achieved his goal of sparking fear across the internet.
As Soni’s tweet went viral, panic spread among many Twitter users; Hindu men shared their outrage that women’s data had been “sold” to Muslims, and many men advised that women start buying lingerie and underwear from physical stores. Some even called it a national security issue.
“I am scared now, if my name is included or not. I brought some items recently from @Zivame,” one woman wrote.
“We all are scared now! How could they,” another user wrote.
“Can u plz provide some context? How do u know the details [have] been given to [Muslims]? coz it might be my details too…what’s being done about this?” said one female user.
“This is the biggest compromise of data ever of Hindu girls,” one Twitter user stated, tagging India’s Home Minister Amit Shah’s office and demanding he investigate.
Many Twitter users called it another attempt by Muslims to commit love jihad, a Hindu right-wing conspiracy that accuses Muslim men of luring Hindu women and converting them to Islam. Fears arose that the data could be used by Muslim men to track down Hindu women.
Modi’s top ministers publicly endorse this conspiracy targeted at Muslim men.
In 2020, a Muslim teenager was arrested under the love jihad law for merely walking with a Hindu friend. In the past two years, more than 500 people have been arrested for “love jihad.
The Zivame breach was also labeled data jihad, adding to a list of similar conspiracies that are floating online against Muslims, such as land jihad, business jihad, saliva jihad, flood jihad, and gaming jihad.
None of this appears to be the case here. But it didn’t matter to the internet.
Fact-checkers and reporters quickly pointed out to Soni that in the censored screenshot he shared of two Hindu women, one was actually a Muslim. But there were few people who believed the debunks, the internet working in favor of those who spread misinformation.
And Soni has continued to post and share provocative tweets following his release.
“After successfully exposing Zivame (which landed me in jail), Are you guys ready for the next expose??” he tweeted on June 19.
He appears undaunted, as his followers have bought into his false accusations.
When asked why he continues to publish such things on his Twitter account, Soni stated, “I haven’t done anything wrong. Why should I be scared?”
