UIDAI probing reported Aadhaar data breach, but denies information leak

Natural Tendency Of Govts To'Desire Perfect Records Of Private Lives, Says Edward Snowden On Aadhaar

The Tribune on Thursday reported that the newspaper could access Aadhaar database and was able to buy login credentials to the UIDAI database. The authority has initiated a police complaint against people responsible for selling the access but assured in its statement that crucial data "including biometric information, is fully safe and secure".

The authority said it had given search facility for the goal of grievance redressal to designated personnel and state government officials to help residents.

"UIDAI maintains complete log and traceability of the facility", the government-backed agency said, adding that "FIR will be lodged against the misuse of grievance redressal system".

The reported case appears to be an instance of misuse of the grievance redressal search facility.

The UIDAI says the breach seems to be a misuse of a grievance redressal scheme that allowed Aadhaar agents to rectify issues like a change in address and wrong spelling of a person's name. This includes details of a person's name, address, phone number, photo, and email address. On top of this, "Aadhaar is not a secret number", UIDAI's Pandey said, drawing comparisons with a bank account number, the knowledge of which by a rogue party, he said, can not hurt the victim. But that does not mean that the proper use of Aadhaar number poses a security or financial threat.

"Claims of bypassing or duping the Aadhaar enrolment system are totally unfounded". "The Aadhaar data including biometric information is fully safe and secure", UIDAI claimed. The UIDAI Data Centres are an infrastructure of critical importance and are protected accordingly with high technology conforming to the best standards of security and also by legal provisions.

The newspaper claimed that it bought the Aadhaar details from someone who is running a WhatsApp group. He pointed out that even if an unauthorised personnel gains access to the Aadhaar database, they can only look up information of people whose Aadhaar number, a unique 12-digit ID, they already have in their possession.

Tribune suggested that software is also being sold online that can generate fake Aadhaar cards, an identity document that is required to access an increasing number of government services, including free meals. Initially, the CSCS was entrusted for making Aadhaar cards, but their job was taken over and given to post offices and designated banks in November to avoid security breaches.



Other news