India’s national identity database hacked

In News

India’s central biometric database, which holds data of more than one billion citizens, has apparently been breached by hackers and this Aadhaar breach has compromised personal data of over one billion Indian citizens which is apparently on sale for less than $8.

According to an investigation by India’s Tribune newspaper, the Aadhaar biometric database has been compromised, with hackers installing a gateway into the database and selling access to personal identity data for as little as 500 rupees ($7.89). Journalists for the Tribune were able to buy personal data via WhatsApp.

The Unique Identification Authority of India (UIDAI), which is responsible for Aadhaar, has denied that sensitive data has been hacked, but the Tribune investigation by was able to purchase users data.
The illicit portal into the database enables a user to enter the unique Aadhaar user ID, and access addresses, post codes, photos, phone numbers, and email addresses. For a 300 rupee ($4.70) fee, hackers will also provide software to allow a victim’s Aadhaar card to be printed.

A follow-up report by Indian news website The Quint, has suggested that Aadhaar has a security flaw, which allows anyone with administrator access to the database to also grant administrator privileges to any other person, a process which can be repeated over and over. This would give those newly appointed with administration privileges access to the identifying data including names, addresses, dates of birth, parents’ names, gender, mobile numbers, language, but not the biometric data.

Aadhaar holds biometric data including fingerprints and iris scans. The UIDAI said that the biometric information and other sensitive data has not been compromised, but that it has filed a police complaint.

Comments

You may also read!

Outlining plans for expansion

SecurityMEA speaks with Aadesh S. Gawde, Chief Innovation Officer at ProVise Consulting about their company operations and plans going

Read More...

Cyber threat trends to watch

In the backdrop of the quarterly Fortinet Global Threat Landscape Report, Derek Manky, Global Security Strategist, Fortinet highlights how

Read More...

Paladion launches region’s first AI-driven SOC

Paladion has launched the first AI-driven SOC in the Middle East to protect enterprises in the region from next-generation

Read More...

Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu