Politics

Reports of Data Breach Raise Questions About Aadhaar Security Yet Again

The Unique Identification Authority of India (UIDAI) denied reports that Aadhaar data was being sold on social media for Rs 500, and could be accessed in 10 minutes.

By

The alleged loopholes in security of Aadhaar data have caught the eyes of the public and the government alike, with the Unique Identification Authority of India (UIDAI) denying the newspaper report that the data was leaked. The Tribune newspaper, which carried out the investigation, posted another statement to UIDAI’s response, saying the authority has admitted that something is “amiss.”

The Tribune said: “UIDAI has admitted that a facility on their website has been ‘misused’. The fact is that it has been ‘misused’ to steal data…at will, for any Aadhaar number… Also, the tracking system obviously never realized that unauthorized people were accessing the data. And if FIRs are being contemplated, is that not an admission of something being amiss?”

The UIDAI said on Jan.4 that the Aadhaar security breach was “misreported” by the publication in the morning, in response to the report that claimed that its database was available for Rs 500 and could be accessed within 10 minutes.

The publication said its reporter was able to access names, email addresses, phone numbers and postal codes by typing in a 12-digit unique identification number in the government database. This was done after a payment of Rs 500, via Paytm, to a person who had made the reporters an offer for a software to print out the Aadhaar cards over WhatsApp. The software to print cards could be purchased for Rs 300.

This person was part of group that had access to the database through former workers who were asked to make the cards, the report said. Several groups were part of this scheme.

UIDAI released a statement saying that the case “appears to be an instance of misuse” of grievance redressal search facility. The authority has initiated a police complaint against people responsible for selling the access but assured in its statement that crucial data “including biometric information, is fully safe and secure. Mere display of demographic information can’t be misused without biometrics.”

Claims of bypassing or duping the Aadhaar enrollment system are totally unfounded, the authority added.

Sanjay Jindal, Additional Director-General, UIDAI Regional Centre, Chandigarh, told the newspaper: “Except the Director-General and I, no third person in Punjab should have a login access to our official portal. Anyone else having access is illegal, and is a major national security breach.”

Aadhaar, India’s biometric ID program, is the BJP-led government’s flagship agenda aimed to be used as means to prevent fraud and corruption.

This is not the first time Aadhaar has come under the scanner for fears of privacy breach and the government’s ability to protect citizens from hackers. Cases of leak of user information from government websites have been reported earlier.

There are more than 1.19 billion Aadhaar card holders in the country.

As the Indian government makes Aadhaar registration mandatory for access to many crucial government services, such reports of security breaches have stoked fear in people, many of whom took to social media to voice their opinions.

National Security Agency (NSA) whistleblower Edward Snowden also posted his views on Twitter.

Leave a Reply

Your email address will not be published. Required fields are marked *