1. UIDAI admits 210 government websites made Aadhaar details public

UIDAI admits 210 government websites made Aadhaar details public

The Unique Identification Authority of India (UIDAI) has admitted that Aadhaar details were leaked on over 200 central and state government websites.

By: | Updated: November 20, 2017 4:53 PM
The Unique Identification Authority of India (UIDAI) has admitted that Aadhaar details were leaked on over 200 central and state government websites. (Image: Reuters)

The Unique Identification Authority of India (UIDAI) has admitted that Aadhaar details were made public on over 200 central and state government websites. According to an RTI reply, these websites publicly displayed name, address and other details of Aadhaar beneficiaries, which was removed when the breach was identified.

However, UIDAI does not have information about the time of the breach. It also said that Aadhaar details have never been made public by UIDAI. “However, it was found that approximately 210 websites of the central government, state government departments including educational institutes were displaying the list of beneficiaries along with their name, address, other details and Aadhaar numbers for information of the general public,” it said.

UIDAI issues Aadhaar — a 12-digit unique identification number — which acts as a proof of identity and addresses anywhere in the country. Lately, Aadhaar has been creating furore for security and privacy reasons, especially after the Narendra Modi government began aggressively pushing the identification number to be linked with social benefits, banks, PAN, mobile number et al. In a landmark judgement this August, the Supreme Court ruled that privacy was a fundamental right of citizens, weakening the case for pushing Aadhar.

Currently, cases are being heard in the apex court on linking Aadhaar to banks and mobile numbers. In May, the Centre for Internet and Society had claimed that Aadhaar numbers of as many as 135 millions could have been leaked. “Based on the numbers available on the websites looked at, the estimated number of Aadhaar numbers leaked through these four portals could be around 130-135 million,” the report by CIS had said. Further, as many as 100 million bank account numbers could have been “leaked” from the four portals, it had added.

UIDAI and the government had been vehemently denying that Aadhaar details can be leaked despite apprehension from different sections of society. Soon after the RTI reply appeared in media, UIDAI refuted the news of leaks, calling it a “skewed presentation of facts. “Such report is a skewed presentation of the facts and poses as if the Aadhaar data is breached or leaked which is not the true presentation. Aadhaar data is fully safe and secure and there has been no data leak or breach at UIDAI,”  press release by PIB said.

It said that the data on these websites was placed in public domain as a measure of proactive disclosure under the RTI Act.

  1. R
    Reader
    Nov 20, 2017 at 10:28 pm
    Aadhaar is NOT a panacea but a frankenstein: The biometrics-based Aadhaar program is inherently flawed. Biometrics can be easily lifted by external means, there is no need to hack the system. High-resolution cameras can capture your fingerprints and iris information from a distance. Every eye hospital will have iris images of its patients. So another person can CLONE your fingerprints and iris images without your knowledge, and the same can be used for authentication. That is why advanced countries like the US, UK, etc. did not implement such a self-destructive biometrics-based system. If the biometric details of a person are COMPROMISED ONCE, then even a new Aadhaar card will not help that person. This is NOT like blocking an ATM card and taking a new one.
    Reply
    1. R
      Reader
      Nov 20, 2017 at 10:27 pm
      UK’s Biometric ID Database was dismantled. Why the United Kingdom's biometrics-linked National Identi-ty Card project to create a centralized register of sensitive information about residents similar to Aadhaar was scrapped in 2010?? The reasons were the massive threat posed to the privacy of people, the possibility of a surveillance state, the dangers of maintaining such a huge centralized repository of personal information and the purposes it could be used for, the dangers of such a centralized database being hacked, and the unreliability of such large-scale biometric verification processes. The Aadhaar program was designed in 2009 by mainly considering the 'Identi-ty Cards Act 2006' of UK, but the UK stopped that project in 2010, whereas India continued with the biometrics-based program. We must think why the United Kingdom abandoned their project and destroyed the data collected. (Google: 'Identi-ty Cards Act 2006' and 'Identi-ty Documents Act 2010' )
      Reply
      1. R
        Reader
        Nov 20, 2017 at 10:27 pm
        A centralized and inter-linked biometric database like Aadhaar will lead to profiling and self-censorship, endangering freedom. Personal data gathered under the Aadhaar program is prone to misuse and surveillance. Aadhaar project has created a vulnerability to identi-ty fraud, even identi-ty theft. Easy harvesting of biometrics traits and publicly-available Aadhaar numbers increase the risk of impersonation, especially online and banking fraud. Centralized databases can be hacked. Biometrics can be cloned, copied and reused. Thus, BIOMETRICS CAN BE FAKED. High-resolution cameras can capture your fingerprints and iris information from a distance. Every eye hospital will have iris images of its patients. So another person can clone your fingerprints and iris images without your knowledge, and the same can be used for authentication. If the Aadhaar scheme is NOT STOPPED by the Supreme Court, the biometric features of Indians will soon be cloned, misused, and even traded.
        Reply
        1. R
          Reader
          Nov 20, 2017 at 10:26 pm
          The US Social Security Number (SSN) card has NO BIOMETRIC DETAILS, no photograph, no physical description and no birth date. All it does is confirm that a particular number has been issued to a particular name. Instead, a driving license or state ID card is used as an identification for adults. The US government DOES NOT collect the biometric details of its own citizens for the purpose of issuing Social Security Number. The US collects the fingerprints of only those citizens who are involved in any criminal activity (it has nothing to do with SSN), and the citizens of other countries who come to the US.
          Reply
          1. S
            Sadasivan
            Nov 20, 2017 at 5:12 pm
            NDA's weakness is HASTE to please the G 20,US Digital Cos,BTCA,USAID,etc.Like in GST,Demon,it HAS damaged AADHAAR And peoples' PRIVACY.
            Reply
            1. S
              Sadasivan
              Nov 20, 2017 at 5:05 pm
              UIDAI did not prevent loopholes And did not foresee. That is it is NOT PRO_ACTIVE.the leak is due to UIDAI's fault,As the CRITICAL ORG responsible for PRIVACY to be maintained,it should have foreseen ll scenarios.. Excuses, cannot be tolerated.The damage has bee done..
              Reply
              1. Load More Comments

              Go to Top