Monday, 20 November 2017

210 Govt. Websites Leaked Aadhaar Data, UIDAI Admits! Here’s How You Can Be Safe

Aadhaar details of some citizens were leaked on 210 government websites, an RTI query reveals. The timeline or scale of the breach, which could make beneficiaries vulnerable to identity theft, has not been specified, but the Unique Identification Authority of India said authorities had removed affected citizens' data from these sites. To prevent fraud, the government is now considering allowing the use of dummy numbers instead of Aadhaar for various transactions. Aadhaar is now mandatory for everything from mobile connections to death certificates despite some challenging its legal basis.

UIDAI admits 210 government websites made Aadhaar details public

The Unique Identification Authority of India (UIDAI) has admitted that Aadhaar details were leaked on over 200 central and state government websites.


The Unique Identification Authority of India (UIDAI) has admitted that Aadhaar details were leaked on over 200 central and state government websites. (Image: Reuters)


The Unique Identification Authority of India (UIDAI) has admitted that Aadhaar details were made public on over 200 central and state government websites. According to an RTI reply, these websites publicly displayed name, address and other details of Aadhaar beneficiaries, which was removed when the breach was identified.

However, UIDAI does not have information about the time of the breach. It also said that Aadhaar details have never been made public by UIDAI. “However, it was found that approximately 210 websites of the central government, state government departments including educational institutes were displaying the list of beneficiaries along with their name, address, other details and Aadhaar numbers for information of the general public,” it said.

We have been reporting instances wherein Aadhaar data of Indian citizens were found on various portals belonging to the Govt.


UIDAI Admits Aadhaar Data Leaked

Since last few months, we have been reporting instances wherein Aadhaar data of Indian citizens were found on various portals, that too belonging to the Govt.

UIDAI, the nodal authority on Aadhaar, had been either denying the allegations or saying that there is nothing to worry.

However, now, the decks have been cleared. UIDAI has admitted that 210 Govt. websites indeed showcased private Aadhaar data.

Meanwhile, very few are aware, but UIDAI has provided a feature using which you can lock your Aadhaar biometric access of data, which will ensure that no unauthorized usage happens.

We will shortly reveal the method..

UIDAI: Aadhaar Data Displayed On 210 Govt. Websites

After a person filed a RTI query to UIDAI, regarding the public display of Aadhaar data, UIDAI replied that 210 Govt. websites have showcased such data, by accident.

In their reply, UIDAI said,

“However, it was found that approximately 210 websites of central government, state government departments including educational institutes were displaying the list of beneficiaries along with their name, address, other details and Aadhaar numbers for information of general public,”

We had reported how Jharkhand Govt’s website displayed more than a million rows of Aadhaar data on their website, and how Govt. departments are accidentally showcasing millions of Aadhaar data rows, all available for the public to download.

Last year, in March, Govt. had admitted that Aadhaar data is being leaked, but no official confirmation was received. Later, in July this year, this admittance was once again reported, this time in Parliament.

However, now, as UIDAI has officially stated and admitted about Aadhaar leak, the matter is indeed alarming.

As per the RTI reply, UIDAI is doing everything possible to stop such accidental data leak, and to ensure that data is protected.

UIDAI said,

“UIDAI has a well-designed, multi-layer approach, robust security system in place and the same is being constantly upgraded to maintain the highest level of data security and integrity,”

Govt. of India has already ‘prohibited’ putting Aadhaar data online, even as reports keep coming that CIA wants to steal Aadhaar data.

This How You Can Lock Your Aadhaar Biometric Access (Use with caution!)

Unknown to several, the Aadhaar authority has provisioned a system, wherein users of Aadhaar card can simply lock  their biometric access, and stop any unauthorized usage.

Once locked, biometric access can be granted only when the user approves it, via OTP method.

In order to lock your Aadhaar, you need to visit here, and then login using your Aadhaar number and registered mobile number.

Once OTP is approved, you can lock your Aadhaar biometric access.

However, UIDAI has cautioned that locking your Aadhaar biometric access can ‘prevent denial of Authentication services’. This is strange, because UIDAI themselves have stated that this can be temporarily unlocked, when there is some actual authentication to be done.

Once locked, you can also disable this option, right there (after another OTP based verification).

Some users on Reddit India have claimed that once locked, access to biometric authentication becomes tough.

Hence, it seems that system is not yet completely fine-tuned, and locking biometric access feature has some issues right now.

In case you have any urgent biometric authentication requirement, then we will not suggest using this, as UIDAI themselves are not sure about this.

Use this option at your discretion.

Previous Post
Next Post

0 comments: