Home » In Other News

Aadhaar Database Breached

Posted 5 Jan 2018 | Comments Off on Aadhaar Database Breached | 199 views

In  March of 2016, India passed the Aadhaar Act in an attempt to prevent fraud in obtaining government services. The purpose of the bill is to provide a unique identification number for all citizens obtaining services.  Under the law, everyone received a new 12 digit. Against the recommendations of security experts, they also collected detailed demographic and biometric data from enrollees. The UID number is required to setup new bank accounts and to make large bank transactions.

Unfortunately, as predicted, the database has been compromised. A reporter claims to have joined a WhatsApp group where Aadhaar data was being sold. The reported paid Rs 500 (just under US$ 8) to the group, and received access to view any Aadhaar UID. For an extra Rs 300, the reporter received software to print Aadhaar cards. The WhatApp group is selling access to a government portal that is intended to address grievances and fix data issues. With the portal, a malicious user can view and change name spelling, home address, email address, and phone numbers. Access to this information allows an attacker to steal the victim’s identity. UIDAI, the agency responsible for maintaining the database, asserts that the biometric data has not been compromised.

Comments are closed.