Politics
Reports of Data Breach Raise Questions About Aadhaar Security Yet Again
The Unique Identification Authority of India (UIDAI) denied reports that Aadhaar data was being sold on social media for Rs 500, and could be accessed in 10 minutes.
The alleged loopholes in security of Aadhaar data have caught the eyes of the public and the government alike, with the Unique Identification Authority of India (UIDAI) denying the newspaper report that the data was leaked. The Tribune newspaper, which carried out the investigation, posted another statement to UIDAI’s response, saying the authority has admitted that something is “amiss.”
The Tribune said: “UIDAI has admitted that a facility on their website has been ‘misused’. The fact is that it has been ‘misused’ to steal data…at will, for any Aadhaar number… Also, the tracking system obviously never realized that unauthorized people were accessing the data. And if FIRs are being contemplated, is that not an admission of something being amiss?”
The UIDAI said on Jan.4 that the Aadhaar security breach was “misreported” by the publication in the morning, in response to the report that claimed that its database was available for Rs 500 and could be accessed within 10 minutes.
The publication said its reporter was able to access names, email addresses, phone numbers and postal codes by typing in a 12-digit unique identification number in the government database. This was done after a payment of Rs 500, via Paytm, to a person who had made the reporters an offer for a software to print out the Aadhaar cards over WhatsApp. The software to print cards could be purchased for Rs 300.
This person was part of group that had access to the database through former workers who were asked to make the cards, the report said. Several groups were part of this scheme.
UIDAI released a statement saying that the case “appears to be an instance of misuse” of grievance redressal search facility. The authority has initiated a police complaint against people responsible for selling the access but assured in its statement that crucial data “including biometric information, is fully safe and secure. Mere display of demographic information can’t be misused without biometrics.”
Claims of bypassing or duping the Aadhaar enrollment system are totally unfounded, the authority added.
No #Aadhaar data breach; Aadhaar data including biometric information is fully safe and secure: @UIDAI, denying report by @thetribunechd, saying it is a case of misreporting 1/2 pic.twitter.com/2d4ORHqqMh
— PIB India (@PIB_India) January 4, 2018
Sanjay Jindal, Additional Director-General, UIDAI Regional Centre, Chandigarh, told the newspaper: “Except the Director-General and I, no third person in Punjab should have a login access to our official portal. Anyone else having access is illegal, and is a major national security breach.”
Aadhaar, India’s biometric ID program, is the BJP-led government’s flagship agenda aimed to be used as means to prevent fraud and corruption.
This is not the first time Aadhaar has come under the scanner for fears of privacy breach and the government’s ability to protect citizens from hackers. Cases of leak of user information from government websites have been reported earlier.
There are more than 1.19 billion Aadhaar card holders in the country.
As the Indian government makes Aadhaar registration mandatory for access to many crucial government services, such reports of security breaches have stoked fear in people, many of whom took to social media to voice their opinions.
The perils of making Aadhaar mandatory and linking it to bank accounts, as insisted upon by Modi govt, are visible here. Do we need more proof to stop this madness? https://t.co/9OEbitCmDO
— Sitaram Yechury (@SitaramYechury) January 4, 2018
Dear person who tried to hack into my FB last night (and failed), try hacking entire India’s Aadhaar data – might be easier it seems.
Just Rs 500 and the ENTIRE database is accessible. https://t.co/ai0VlF2VQe
— वरुण (@varungrover) January 4, 2018
Tribune’s report suggesting the data breach at @UIDAI is fake news! pic.twitter.com/qtOzNIq7zH
— BJP (@BJP4India) January 4, 2018
This is dangerous and criminal negligence of data security. Kudos to the reporter for unveiling the racket. A crackdown on the culprits& a corrective step is imperative: Rs 500, 10 minutes, and you have access to billion Aadhaar details https://t.co/XiYWrzs04H via @thetribunechd
— Nitin A. Gokhale (@nitingokhale) January 4, 2018
‘AADHAR’ data breached yet again!
As every citizen’s personal information is exposed to hackers everyday & ‘Right to Privacy’ is mocked and flouted with impunity, Modi Govt remains immune.
Is anyone listening?https://t.co/UDSfOlSWv9
— Randeep S Surjewala (@rssurjewala) January 4, 2018
National Security Agency (NSA) whistleblower Edward Snowden also posted his views on Twitter.
It is the natural tendency of government to desire perfect records of private lives. History shows that no matter the laws, the result is abuse. https://t.co/7HSQSZ4T3f
— Edward Snowden (@Snowden) January 4, 2018