Report Says You Can Access Billion Aadhaar Details With Just Rs 500, UIDAI Denies Breach

The Logical Indian Crew

January 4th, 2018 / 4:00 PM

Courtesy: The Tribune | Image Credit: The Times of India

How safe is your personal data on Aadhaar? The answer to that question is that The Tribune purchased with a meagre sum of Rs 500 the Aadhaar details of more than 1 billion people in India.

Only last November the UIDAI asserted that “Aadhaar data is fully safe and secure and there has been no data leak or breach at UIDAI.” The Tribune conducted an investigation and purchased a service from anonymous sellers over WhatsApp that gave unrestricted access to everybody’s Aadhaar data.

The Tribune correspondent posed as a buyer and made a payment via PayTm of Rs 500 to an “agent” of the group running the racket in Chandigarh. Then the agent created a “gateway” for this correspondent and gave a login ID and password. After the login and password were given, one could enter any Aadhaar number and the information could be accessed. Details such as address, phone number, age, name, photos, postal code (PIN) and email were all public. 

With an additional Rs 300 the agent provided a “software” that could facilitate the printing of Aadhaar cards after entering the Aadhaar number of any individual.


Security Breach

When The Tribune contacted the UIDAI officials in Chandigarh, they expressed shock and admitted that there has been such a huge security breach.

Sanjay Jindal, Additional Director-General, UIDAI Regional Centre, Chandigarh, accepting that this was a lapse and told The Tribune, “Except the Director-General and I, no third person in Punjab should have a login access to our official portal. Anyone else having access is illegal, and is a major national security breach.”

Even though the UIDAI officials in Chandigarh accepted the breach, UIDAI said in a statement, “UIDAI reassures that there has not been any data breach of biometric database which remains fully safe and secure with the highest encryption at UIDAI and mere display of demographic information cannot be misused without biometrics,” The Indian Express reported. 


Racket running for over 6 months

The investigation revealed that the racket has been running for over 6 months now. First, anonymous groups were created on WhatsApp. Then they targeted 3 lakh village-level enterprise (VLE) operators hired by the Ministry of Electronics and Information Technology (ME&IT) under the Common Service Centres Scheme (CSCS) across India, offering them access to UIDAI data.

CSCS officials were initially given the task of making Aadhaar cards in India, but later they were withdrawn from the task. Post offices and designated banks were taking care of it. This shift was done to ensure there were no security breaches in Aadhaar.

To make most of the opportunity, almost 1 lakh VLEs decided to still continue making Aadhaar cards for people for a fee.

Time and time again the government has told people that Aadhaar is completely safe and there was no possibility of a security breach. But, this investigation proves that it takes just Rs 500 to prove them wrong.


The Tribune replies to UIDAI’s response

After the article was done by The Tribune, UIDAI reiterated and said the article was misreported. They kept on assuring that the details of Aadhaar were safe and there has been no security breach. The Tribune pointed out the loopholes in UIDAI’s reply. Read the full report here.


Contributors

Written by : Poorbita Bagchi

Edited by : Pooja Chaudhuri

Share your thoughts..

Related Stories

Aadhaar Software Hacked

No Operator Can Make Or Update Aadhaar Unless Resident Himself Gives His Biometric: UIDAI On Software Hacking

Aadhaar

UIDAI To Impose 18% GST For Updating Aadhaar

Woman Complains Of Aadhaar Getting Linked To 9 Mobile No. Without Her Knowledge, UIDAI Replies, “Now You Know’’

virtual id

Amid Allegations Of Data Breach, UIDAI Introduces 16-Digit Virtual ID To Address Privacy Concerns

UIDAI Publicly Lies About “Mandatory” Linking Of Aadhaar With Mobile SIM, Misquotes SC Order

Ten Men Arrested For Making Fake Aadhaar Cards By Hacking Biometric Security Settings Of UIDAI

Latest on The Logical Indian

News

#Metoo: Anti-Rape Crusader In The Kathua Case, Talib Hussain, Accused Of Raping Multiple Women

Awareness

Rs 11,000 Cr Loan Sanctioned Under PM Modi’s Flagship MUDRA Scheme Turns Into Bad Loan

News

Amritsar Tragedy: Woman Saves 10-Month-Old Baby Flung Into Air Moments Before The Train Hit His Father

Get Inspired

Pune: 14-Yr-Old Girl Puts School Peon Behind Bars Who Molested And Forced Girls To Watch Porn

Awareness

How Recycling Waste Flowers Gave These Dalit Women Dignity Of Labour

News

One More Labourer Loses His Life While Cleaning Sewer In Delhi

x

Stories that deserve attention, delivered to your inbox!

Handpicked, newsworthy stories which deserve the attention of a rational generation.