Amidst the ongoing debate on Aadhaar, Edward Snowden is the latest to voice concerns about the underlying vulnerability of the Aadhaar database. The development comes just two days after reports surfaced that Aadhaar numbers, along with the linked details, were being sold for as little as $7.8 (INR 500).
In response to Buzzfeed’s report on the recent breach, Snowden tweeted, “It is the natural tendency of government to desire perfect records of private lives. History shows that no matter the laws, the result is abuse.”
CBS journalist Zack Whittaker had earlier made a similar statement which read as follows, “ICYMI. India has a national ID database with the private information of nearly 1.2 Bn nationals. It has reportedly been breached. Admin accounts can be made and access can be sold to the database, reports BuzzFeed.”
The Unique Identification Authority of India (UIDAI), the government body that issues Aadhaar, however, has continued to deny any breach of the Aadhaar database.
Defending the system’s security standards, the UIDAI stated in a press release, “Claims of bypassing or duping the Aadhaar enrolment system are totally unfounded. Aadhaar data is fully safe and secure and has robust uncompromised security. The UIDAI data centres are an infrastructure of critical importance and is protected accordingly with high technology conforming to the best standards of security and also by legal provisions.”
According to the original report by The Tribune, which unearthed the racket that is believed to have started nearly six months ago, administrator login IDs and passwords needed to gain access to the UIDAI portal could be acquired for only around $7.8 (INR 500).
The report further alleged that the system had nearly 100K illegal users. Authorities, however, have denied any infiltration of the Aadhaar system.
The UIDAI added, “UIDAI maintains complete log and traceability of the facility and any misuse can be traced and appropriate action taken. The reported case appears to be instance of misuse of the grievance redressal search facility. As UIDAI maintains complete log and traceability of the facility, the legal action including lodging of FIR against the persons involved in the instant case is being done.”
This is not the first-ever Aadhaar leak. Last year, it was widely reportedly how private data of 130 Mn people was compromised when the Jharkhand government accidentally leaked more than 1 Mn Aadhaar records of pensioners. Also, there were reports of how various Common Service Centres across the country were involved in leaking the information, right from the collection to storage, accuracy and the use of Aadhaar data.
The details are not limited to one’s biometric, but it has got the entire personal details including name, father’s name, DoB, mobile no., email id and address too. One can, not only access the personal details but can also easily crack the other details such as tax returns, and other professional details too.
With a database of over one billion Indians, Aadhaar is the largest biometric programme in the world, and so is the risk of breaches and data theft, as iterated by whistleblower Edward Snowden. Whether the UIDAI manages to successfully crack down on Aadhaar crimes remains to be seen.
(The development was reported by ET)