EPFO Suspends Aadhaar-Seeding Portal After Reports Of Data Leak Of 2 Crore Members

The Logical Indian Crew

May 4th, 2018

Image Source: moneycontrolpunjabi

The Employees’ Provident Fund Organization (EPFO), a government-run body, was the latest target of cyber hackers. Personal data from one of the Aadhaar-seeding portals of the EPFO was stolen by hackers in March this year and the details of over 2 crore members of EPFO who had linked their PF accounts to their Aadhaar numbers were stolen, reported Business Standard

After the Intelligence Bureau (IB) flagged concerns of possible data theft by hackers, the Aadhaar-seeding portal of EPFO has been shut down.


How the breach came to light 

The IB had informed the Ministry of Labour and Employment in March about the breach. This issue came to light when a letter by the Central Provident Fund Commissioner V P Joy to the Common Service Centre (CSC) Chief Executive Dinesh Tyagi on March 23 was leaked. The ‘secret’ letter has been doing the rounds on Twitter.



“I am not aware of any data leak,” Joy said. “We received a warning from the IB on March 22, and so I forwarded it to the relevant authorities the next day. This is a routine administrative matter,” he told Business Standard.


About the Aadhaar-seeding portal

EPFO had to shut down the Aadhaar-seeding website temporarily. The portal (aadhaar.epfoservices.com), managed by the Common Service Centre (CSC), used to help formal sector workers link their Aadhaar numbers with EPFO’s Universal Account Number (UAN) through CSC outlets. It also helped EPFO pensioners to submit their digital life certificates.


The blame game

“The web portal has been closed one-and-a-half months ago, immediately after a possible data theft was reported to us during a process of routine security check. There was some problem in the application run by CSC, and it is not related to our data centre that maintains the EPF accounts,” Joy said to Business Standard on May 2.

Tyagi said to PTI that while the said application had been designed by the CSC, it was now hosted on EPFO data centres and servers. The site was shut down by EPFO on March 22, asking the CSC to secure the confidential data of employees. The possible data leak may include employees’ Aadhaar number, name, date of birth, father’s name, PAN, employment details, among others.

Unique Identification Authority of India (UIDAI) said that the alleged data breach took place on a website that does not belong to it. “This matter does not pertain at all to any Aadhaar data breach from UIDAI servers,” said the UIDAI in a press statement.


Brief history of data breach cases

This incident comes at a time when the Supreme Court is hearing petitions challenging the constitutional validity of the Aadhaar Act. There have been various incidents where Aadhaar data has been at risk.

In January 2018, The Tribune reported how Aadhaar data was available for just Rs 500. After that, India Today reported Aadhaar data being sold in villages for Rs 2-5. Later, French security researcher Robert Baptiste tweeted about the availability of Aadhaar numbers online by running a simple code.


Also published on Medium.

Share your thoughts..

Propelled by

VOLVO

Make Your City Safe

Related Stories

Another Aadhaar Data Leak From AP Website Reveals Bank Details, Phone Numbers, Religion Of 1.3 Lakh People

Supreme Court Aadhar Mobile

Govt Accepts Supreme Court Never Made Linking Aadhaar to Mobile Compulsory

Twitter Knows Everything About UIDAI CEO, Why? Because He Gave His Authentication Log To SC

Baal Aadhaar

UIDAI Introduces Blue Coloured ‘Baal Aadhaar’ For Kids Below 5 Years, Know About It

“Aadhaar Doesn’t Certify Identity, Biometric Data Stored Not Unique”: UIDAI In RTI Reply

Woman Complains Of Aadhaar Getting Linked To 9 Mobile No. Without Her Knowledge, UIDAI Replies, “Now You Know’’

Latest on The Logical Indian

News

Man Accused Of Robbing Paraded Naked By Delhi Police After He Allegedly Tried To Flee In Towel

Fact Check

AP: Fake WhatsApp Forward Of Child Kidnappers Takes Life Of A Man, Five Critically Injured

Exclusive

Meet Bangalore’s Bicycle Mayor Who Has Been Spearheading The Movement Of Sustainable Transport For 6 Years

Awareness

This Is How Incense Sticks Pollution Is Damaging Your Health

News

Supreme Court Imposes Rs 1 Lakh Fine On Google, Facebook, WhatsApp Over Handling Of Sexually Abusive Content

Environment

10 Dead And 50 Injured On The 100th Day Of Protest Against Vedanta’s Sterlite In Tamil Nadu