EPFO Suspends Aadhaar-Seeding Portal After Reports Of Data Leak Of 2 Crore Members

The Logical Indian Crew

May 4th, 2018 / 11:26 AM

Image Source: moneycontrolpunjabi

The Employees’ Provident Fund Organization (EPFO), a government-run body, was the latest target of cyber hackers. Personal data from one of the Aadhaar-seeding portals of the EPFO was stolen by hackers in March this year and the details of over 2 crore members of EPFO who had linked their PF accounts to their Aadhaar numbers were stolen, reported Business Standard

After the Intelligence Bureau (IB) flagged concerns of possible data theft by hackers, the Aadhaar-seeding portal of EPFO has been shut down.


How the breach came to light 

The IB had informed the Ministry of Labour and Employment in March about the breach. This issue came to light when a letter by the Central Provident Fund Commissioner V P Joy to the Common Service Centre (CSC) Chief Executive Dinesh Tyagi on March 23 was leaked. The ‘secret’ letter has been doing the rounds on Twitter.



“I am not aware of any data leak,” Joy said. “We received a warning from the IB on March 22, and so I forwarded it to the relevant authorities the next day. This is a routine administrative matter,” he told Business Standard.


About the Aadhaar-seeding portal

EPFO had to shut down the Aadhaar-seeding website temporarily. The portal (aadhaar.epfoservices.com), managed by the Common Service Centre (CSC), used to help formal sector workers link their Aadhaar numbers with EPFO’s Universal Account Number (UAN) through CSC outlets. It also helped EPFO pensioners to submit their digital life certificates.


The blame game

“The web portal has been closed one-and-a-half months ago, immediately after a possible data theft was reported to us during a process of routine security check. There was some problem in the application run by CSC, and it is not related to our data centre that maintains the EPF accounts,” Joy said to Business Standard on May 2.

Tyagi said to PTI that while the said application had been designed by the CSC, it was now hosted on EPFO data centres and servers. The site was shut down by EPFO on March 22, asking the CSC to secure the confidential data of employees. The possible data leak may include employees’ Aadhaar number, name, date of birth, father’s name, PAN, employment details, among others.

Unique Identification Authority of India (UIDAI) said that the alleged data breach took place on a website that does not belong to it. “This matter does not pertain at all to any Aadhaar data breach from UIDAI servers,” said the UIDAI in a press statement.


Brief history of data breach cases

This incident comes at a time when the Supreme Court is hearing petitions challenging the constitutional validity of the Aadhaar Act. There have been various incidents where Aadhaar data has been at risk.

In January 2018, The Tribune reported how Aadhaar data was available for just Rs 500. After that, India Today reported Aadhaar data being sold in villages for Rs 2-5. Later, French security researcher Robert Baptiste tweeted about the availability of Aadhaar numbers online by running a simple code.


Also published on Medium.


Contributors

Written by : Ruchika Jha

Edited by : Pooja Chaudhuri

Share your thoughts..

Related Stories

Data Protection Bill

TLI Explains: Know About India’s Draft Data Privacy Bill Which Seeks To Prevent Misuse Of Personal Data

Fake Digital India Website

Fake ‘Digital India’ Portal Makes Rs 11 Crore Duping People; Know How They Pull It Off

EPFO Amount Invested

Total Amount Invested By EPFO As On June, 2018 Is Rs. 48,946 Cr : Labour Minister

After Athletes’ Outrage, Haryana Govt Suspends Earlier Order Asking 33% Of Their Income

Another Aadhaar Data Leak From AP Website Reveals Bank Details, Phone Numbers, Religion Of 1.3 Lakh People

5.6 Lakh Indian Users Affected By Data Breach; Facebook Introduces Tools For Users To Secure Data

Latest on The Logical Indian

News

Netherlands: 19-Yr-Old Inhales Deodorant, Dies Of Cardiac Arrest

News

CBI Vs CBI: SC Says Only Alok Verma Can Respond To CVC Report

News

Sabarimala: After 11 Hrs At Cochin Airport, Trupti Desai Flies Back Home

News

Uttarakhand: Caught On Camera Giving Money, BJP MLA Justifies The ‘Age-Old Tradition’

News

Jharkhand: Scared Of Maoists, Students Carry Bow & Arrow To School

News

Elephant Population Decline: SC Asks States To Collect Data On ‘Captive’ Elephants

x

Stories that deserve attention, delivered to your inbox!

Handpicked, newsworthy stories which deserve the attention of a rational generation.