French cybersecurity expert Baptiste Robert who goes by the alias, Elliot Anderson, has reported a massive Aadhaar data breach in the website of Indian Oil Corporation-owned LPG brand, Indane.\r\n\r\nAccording to Anderson\u2019s blog, Aadhaar details of over 6.7 Mn users containing details such as names, addresses and the Aadhaar numbers were leaked on Indane\u2019s website. The leak happened through the section of the website meant for Indane dealers and distributors, which can be accessed through a username and password.\r\n\r\n\r\n\r\n\u201cDue to a lack of authentication in the local dealers portal, Indane is leaking the names, addresses and the Aadhaar numbers of their customers,\u201d Anderson wrote.\r\n\r\nThis is not the first time that Anderson has pointed out loopholes in the security of the Aadhaar database. Last year, Anderson had uploaded website links containing the Aadhaar data of several thousand people on Twitter. He also uploaded a tutorial video showing how one can breach Aadhaar data in a minute.\r\n\r\nThis is the second Aadhaar data breach that has been reported this month (February). Two weeks back, unique identification numbers (UIN) of government workers in Jharkhand were publicly exposed\u00a0through a state government website which was also a development that Anderson helped uncover.\u00a0\r\nAadhaar: An Ongoing Fiasco\r\nLast year, UIDAI CEO Ajay Bhushan Pandey had said to the Supreme Court that personal data acquired during enrolment, including biometrics, were encrypted and couldn\u2019t be hacked adding that \u201cit would take more than the age of the universe to break one encryption\u201d.\r\n\r\nOn September 2018, the top court in its landmark judgement on Aadhaar validation, had directed that Aadhaar will only be mandatory for the filing of income tax returns and PAN linking. Meanwhile union minister of law, electronics and information technology, Ravi Shankar Prasad has said that the central government is planning to link Aadhaar with driving licences of people.\r\n\r\nLast month, the State Bank of India (SBI), had demanded that UIDAI check an alleged \u201cmisuse of Aadhaar biometrics,\u201d and find the causes that led to its misuse. It was also reported that some officials, who were appointed by the SBI in the Chandigarh region and were responsible for Aadhaar enrolment, \u00a0had been misusing their operator ID to generate Aadhar cards using fraudulent documents during the period between November 9 and November 17, 2018.\r\n\r\nMeanwhile, the Aadhaar Amendment Bill which had already been passed by the Lok Sabha has lapsed\u00a0amid other issues taking predominance ahead of the upcoming general election to happen in a few months and thus the bill could not be introduced in the Rajya Sabha. The opposition in Lok Sabha had earlier said that the bill contradicted the Supreme Court\u2019s verdict on Aadhaar.