Yet Another Data Leak In Indian Government Database, Exposes Multiple Citizen IDs

Yet Another Data Leak In Indian Government Database, Exposes Multiple Citizen IDs

SUMMARY

Gujarat government’s real estate regulatory authority website had experienced this data leak

French cybersecurity expert Baptiste Robert reported the leak yesterday in a twitter post

The RERA website is currently inaccessible and the insecure link is also deactivated

Gujarat government’s real estate regulatory authority website has allegedly left one of its download URL unprotected, which in turn exposed sensitive citizen data such as PAN cards, Aadhaar cards, passport size photos, income tax details among other documents. 

This data leak was discovered by the French cybersecurity expert Baptiste Robert (who goes by the pseudonym Elliot Alderson on Twitter) yesterday on September 19. Elliot shared a download link (https://gujrera.gujarat.gov.in/download?DOC_ID=XXX) from Gujarat’s RERA website which was pulling up citizen documents on replacing ‘XXX’ with any random three-digit number. 

Since then, multiple twitter users replied to Elliot tweet, confirming that they were able to access multiple PAN cards, Aadhaar cards, financial declarations by a company, income tax details of citizens, among other documents.

Following this, the Gujarat RERA website is currently inaccessible on September 20 morning. Also, the download link shared by Elliot cannot be accessed anymore. 

Elliot too confirmed in a tweet that the link has been fixed. “The Indian government should do a general audit of their websites because, unfortunately, I can play this game for a very long time,” he added in the tweet. 

Aadhaar Database Leaks On The Rise 

Unfortunately, this is not the first case of Indian government leaking the citizen’s data. Just this May, Andhra Pradesh government exposed Aadhaar data of thousands of its state farmers.

The state government’s Agricultural Ministry website had publicly uploaded the list of its scheme beneficiaries containing private details such as mobile number, caste, village division, in addition to the benefactor’s Aadhaar number.

Also in January,  Aadhaar database of government workers in Jharkhand was leaked by a state government’s website which has left the details of these workers exposed without a password.  

With Indian government planning to link citizen’s social media accounts to aadhaar numbers, these frequent cases of database leaks by the government websites become much more alarming.  

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
Unlock 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
Unlock 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Yet Another Data Leak In Indian Government Database, Exposes Multiple Citizen IDs-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Yet Another Data Leak In Indian Government Database, Exposes Multiple Citizen IDs-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Yet Another Data Leak In Indian Government Database, Exposes Multiple Citizen IDs-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Yet Another Data Leak In Indian Government Database, Exposes Multiple Citizen IDs-Inc42 Media
Yet Another Data Leak In Indian Government Database, Exposes Multiple Citizen IDs-Inc42 Media
You’re in Good company