Take the pledge to vote

For a better tommorow#AajSawaroApnaKal
  • I agree to receive emails from News18

  • I promise to vote in this year's elections no matter what the odds are.
  • Please check above checkbox.

    SUBMIT

Thank you for
taking the pledge

Vote responsibly as each vote counts
and makes a diffrence

Disclaimer:

Issued in public interest by HDFC Life. HDFC Life Insurance Company Limited (Formerly HDFC Standard Life Insurance Company Limited) (“HDFC Life”). CIN: L65110MH2000PLC128245, IRDAI Reg. No. 101 . The name/letters "HDFC" in the name/logo of the company belongs to Housing Development Finance Corporation Limited ("HDFC Limited") and is used by HDFC Life under an agreement entered into with HDFC Limited. ARN EU/04/19/13618
LIVE TV DownloadNews18 App
News18 English
Powered by cricketnext logo
News18 » India
2-min read

Aadhaar Hit by Another Allegation of Personal Data Leak, UIDAI Calls Report Totally Baseless

The ZDNet report stated that even though the security lapse had been flagged to some government agencies over a period of time, it has yet to be fixed.

News18.com

Updated:March 24, 2018, 10:24 PM IST
facebookTwitter Pocket whatsapp
Aadhaar Hit by Another Allegation of Personal Data Leak, UIDAI Calls Report Totally Baseless
Image for representation only.

New Delhi: The Unique Identification Authority of India (UIDAI) on Saturday refuted reports about a fresh data leak of Aadhaar holders, and asserted that there has been "absolutely no breach" of its database.

The statement comes after ZDNet, a technology news portal, reported that a data leak on a system run by a state-owned utility company can allow access to private information of Aadhaar holders, exposing their names, their unique 12-digit identity numbers and their bank details.

Even though the security lapse had been flagged to some government agencies over a period of time, it has yet to be fixed. ZDNet said it was withholding the name of the utility and other details.

Karan Saini, a New Delhi-based security researcher, said that anyone with an Aadhaar number was affected. "This is a security lapse. You don't have to be a consumer to access these details. You just need the Uniform Resource Locator where the Application Programming Interface is located. These can be found in less than 20 minutes," Saini told Reuters.

Aadhaar, with over 1.1 billion users, is the world's biggest database. It has been facing increased scrutiny over privacy concerns following several reported instances of breaches and misuse. The Supreme Court is hearing a clutch of petitions against its constitutional validity.

In its statement, UIDAI, the Aadhaar-issuing body, said there is no truth to the ZDNet story as there has been absolutely no breach of UIDAIs Aadhaar database. “Aadhaar remains safe and secure". It termed the data breach claims as "totally baseless, false and irresponsible".

"UIDAI today has refuted reports in a certain section of media sourced from the news website ZDNet which has quoted a person purportedly claiming to be a security researcher that a state-owned utility company has vulnerability which can be used to access a huge amount of Aadhaar data including banking details," it said.

The UIDAI has argued that even if the report claims were taken to be true, the security related concerns should be around the database of utility company in question. It has "nothing to do with security of UIDAIs Aadhaar database", it said.

Going by the logic of the report, since the utility company's database also had bank account numbers of its customers, would bank databases also be considered to have been breached, UIDAI questioned. "The answer would obviously be in negative," it added.

UIDAI argued that mere availability of Aadhaar number with a third person "will not be a security threat to the Aadhaar holder" nor will it lead to financial or other fraud. This is because a transaction is contingent upon a successful authentication through fingerprint, Iris or OTP of the Aadhaar holder, UIDAI said.

Earlier this week, UIDAI CEO Ajay Bhushan Pandey had made a powerpoint presentation in the Supreme Court to defend the government's ambitious Aadhaar scheme. He had said that breaking Aadhaar encryption may take "more than the age of the universe for the fastest computer on earth."

(With agency inputs)

Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.

| Edited by: Aakarshuk Sarna
Read full article
Next Story
Next Story

facebookTwitter Pocket whatsapp

Live TV

Countdown To Elections Results
To Assembly Elections 2018 Results