Bengaluru: Techie Arrested For Stealing Aadhaar Info Of 40,000 People Using Self-Made App

Supported by

A 31-year-old techie, Abhinav Srivastava, had been detained by the Bengaluru city police on 1 August on the charge of accessing sensitive Aadhaar data, reports The Hindu.

A complaint was filed against him by the Unique Identification Authority of India (UIDAI) last week.

Srivastav is currently employed as a software engineer. He was accused of accessing sensitive Aadhaar information in January this year through an app called ‘Aadhaar e-KYC’, which was available on the Google Play store until recently. The app was created by Srivastava himself.

He had made use of the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

Demographic data including details like address, mobile phone number, email address, age and sex of at least 40,000 Aadhaar cardholders have been allegedly stolen by Srivastava. Although he has not accessed any biometric data like fingerprints and iris scans, the police said.

There are around 400 entities which have been authorised to make use of the data for authentication; Srivastava’s app was not one of them.

The case was transferred to the City Cyber Crime Police Station on 29 June. The police have found that five more apps were made by Srivastava, who has earned around Rs 40,000 from the advertisements. The ‘Aadhar e-KYC’ app has been downloaded 50,000 times from the Google Play Store since its inception in the month of January.

“Six teams of police comprising 26 personnel arrested Mishra from Koramangala after a week the complaint has been lodged,” S Ravi, Additional Commissioner of Police (Crime) told The Logical Indian.

The police have seized a CPU, four laptops, a tablet, four mobile phones, six pen drives from Srivastava.

Srivastava’s background

Hailing from Kanpur, Srivastava is an IIT-Kharagpur graduate in Industrial Chemistry and now stays in Yeshwantpur, Bengaluru. He launched Qarth Technologies in 2012, which got shut down in 2016 because of financial reasons, before being acquired by Ola.

Srivastava, to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system that is a solution for government hospitals to handle patient care and other services (including medical records management).

As part of its regulations, UIDAI grants certain agencies the title of an Authentication User Agency (AUA) which can then provide Aadhaar-enabled services to the card holder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of an Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

Srivastava made use of this server to route his app requests for data access and managed to get his hands on the data.

The Logical Indian take

The fact that a software engineer can access classified Aadhar data raises serious questions about the measures in place to protect the data.

With this incident about the IIT techie accessing Aadhaar data coming to fore, The Logical Indian community wishes to reiterate its stance that Aadhaar being a goldmine of information, its getting into the wrong hands will have catastrophic consequences.

There should be strict action taken against those responsible for these breaches. And the government should ensure that such violations of privacy and of the Aadhaar Act do not take place in the future.

#PoweredByYou We bring you news and stories that are worth your attention! Stories that are relevant, reliable, contextual and unbiased. If you read us, watch us, and like what we do, then show us some love! Good journalism is expensive to produce and we have come this far only with your support. Keep encouraging independent media organisations and independent journalists. We always want to remain answerable to you and not to anyone else.

Leave a Reply

Your email address will not be published. Required fields are marked *

Featured

Amplified by

P&G Shiksha

P&G Shiksha Turns 20 And These Stories Say It All

Amplified by

Isha Foundation

Sadhguru’s Meditation App ‘Miracle of Mind’ Hits 1 Million Downloads in 15 Hours, Surpassing ChatGPT’s Early Growth

Recent Stories

Denied Tree-Cutting Permit, Bihar Authorities Build ₹100 Crore Road Curving Around Trees

38 Hours After Ahmedabad Crash, Air India Boeing 777 Drops 900 Ft Post-Takeoff; DGCA Grounds Pilots, Launches Probe

Delhi Court Closes CBI Probe in JNU Student Najeeb Ahmed’s 2016 Disappearance; Mother Vows to Keep Fighting

Contributors

Writer : 
Editor : 
Creatives :