Yet Another Aadhaar Data Breach But This Time Through EPFO

Yet Another Aadhaar Data Breach But This Time Through EPFO

SUMMARY

Data Breach Comes From “Aadhaar Data Protected By 13 Ft High And 5 Ft Thick Walls”

While Aadhaar and Facebook continue to create questions on data security, the latest data breach has come from EPFO (Employees’ Provident Fund Organisation).

The breach came to light through a letter circulated on Twitter which was titled ‘Secret’ dated March 23 and was addressed to the CEO of Common Service Centre which claimed that hackers exploited vulnerabilities through aadhaar.epfoservices.com to steal data.

“It has been intimated that the data has been stolen by hackers by exploiting the vulnerabilities prevailing in the website (aadhaar.epfoservices.com) of EPFO,” it stated, referring to an IB note warning of data theft on the same issue.

“The IB has advised adhering to the best practices and guidelines for securing the confidential data, re-emphasising regular and meaningful audit and vulnerability assessment and penetration testing (CAPT) of the entire system from competent auditors and testers,” the letter said.

As per the latest update, 27.5 Mn people have linked their Aadhaar card with their PF accounts. As per a report by The Wire, possible data that has been leaked includes the unique identity numbers, demographic information and employment details of millions of formal sector employees.

As news buzzed across social media, EPFO took upon itself to release a statement to state that there has been “no confirmed data leakage”. It clarified that “As part of the data security and protection, EPFO has taken advance action by closing the server and host service through Common Service Centres pending vulnerability checks.”

Furthermore, the organisation stated that “As such, there is nothing to be concerned about the news item. EPFO has been taking all necessary precautions and measures to ensure that no data leakage takes place and will continue to be vigilant about it in the future.”

Inc42 had recently reported that an Aadhaar whistleblower Srinivas Kodali published the screenshots of Aadhaar data details of MNREGA (Mahatma Gandhi National Rural Employment Guarantee Act) beneficiaries.

Suggesting a data leak of 8.9 Mn, the scale is much higher than Facebook’s effected data leak in India. The data leak also revealed details such as a person’s Aadhaar number, account number, father’s name, etc.

The breaches have been in direct contrast to UIDAI’s statements in the court where one of the clarifications was that the Aadhaar data is protected by 13 Ft high and 5 Ft thick walls.

Amid harsh stance shown during Facebook-Cambridge Analytica debacle, the continuous Aadhaar leaks should have provoked action as well as criticism of weak data security, however, all Indians have got till now is “Aadhaar is safe”.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Yet Another Aadhaar Data Breach But This Time Through EPFO-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Yet Another Aadhaar Data Breach But This Time Through EPFO-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Yet Another Aadhaar Data Breach But This Time Through EPFO-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Yet Another Aadhaar Data Breach But This Time Through EPFO-Inc42 Media
Yet Another Aadhaar Data Breach But This Time Through EPFO-Inc42 Media
You’re in Good company