As the deadline for linking Aadhaar with financial services and other services is nearly approaching, a new report in “The Tribune” suggests a serious data leak of a billion users’ Aadhaar data. A service is being offered by an anonymous agent over a WhatsApp group, which is providing an unrestricted access to Aadhaar data of over a billion Indian citizens, The Tribune reported.
A group running this racket reportedly created a Gateway and allowed The Tribune team to access the Aadhaar data of any citizen which includes Name, Address, Postal Code, Photo, Phone Number and an email. All of this for mere a ₹500 which were transferred to an agent through Paytm. Moreover, printing of Aadhaar card was facilitated for the Tribune correspondent posing as a buyer by providing ₹300 more.
Sanjay Jindal who is an Additional Director-General at UIDAI Regional Centre in Chandigarh affirmed that no one except Director General and himself should have access to the portal. UIDAI responding to the report claimed that there had been no data breach and reaffirmed that the data is safe and secure. However, UIDAI accepted that the search facility was provided to the designated personnel and state government officials as a part of grievance redressal facility which is being misused to gain illegal access to Aadhaar data. UIDAI specified that the biometric data is still secure and the grievance redressal system gives away limited details of Aadhaar.
UIDAI clarified that Aadhaar number is not a secret number and can be shared with authorized agencies whenever a Aadhaar holder wishes to avail certain services.
Privacy of billion users at risk
While BJP calling the breach a fake news and UIDAI continue to be denying the claims of unauthorized access, a FIR was filed by UIDAI in this data leak case. It raises questions over the security of one of the largest personal data of Indian citizens. Reports suggested that the groups were created on Social Media to provide Aadhaar Services for a nominal ₹500 which were believed to be using Village-level-enterprise operators under Common Service Center scheme. UIDAI claimed that it maintains the traceability logs and will be able to track down the misuse. An Investigation has already begun to look into this which is certainly a major national data breach.
Tribune’s Story “Rs 500, 10 minutes, and you have access to billion Aadhaar details” is a case of misreporting. No biometric data breach @thetribunechd @rsprasad @ceo_uidai @timesofindia @firstpost @IndiaToday @ZeeNews
— Aadhaar (@UIDAI) January 4, 2018
— The Tribune (@thetribunechd) January 4, 2018