Categories: Data Breach

Indian Aadhaar Details Exposed in Public by More than 200 Government Websites

Around 200 websites are publically Exposed the AADHAAR Card’s information that contains  More than 1 Billion Indian’s Personal Identity information such as names and addresses of some Aadhaar beneficiaries.

UIDAI is mandated to issue an easily verifiable 12 digit random number as Unique Identity as Aadhaar to all Residents of India.

This program wants each and every citizen to have a unique number which involves issuing an Aadhar number as well as one Aadhar card. This should also be linked to other key services like pension schemes or their bank accounts.

Also Read:  Pentagon’s Data Leak Exposed 1.8 Billion of Social Media Surveillance Data

A Report from RTI, Said it was found that approximately 210 websites of a central government, state government departments including educational institutes were displaying the list of beneficiaries along with their name, address, other details and Aadhaar numbers for information of general public.

The UIDAI took note and got the Aadhaar data removed from the said websites, it said in reply to the RTI application.

“UIDAI has a well-designed, multi-layer approach robust security system in place and the same is being constantly upgraded to maintain the highest level of data security and integrity,” the RTI reply said.

“Various policies and procedures have been defined, these are reviewed and updated continually thereby appropriately controlling and monitoring any movement of people, material, and data in and out of UIDAI premises, particularly the data centres,” the UIDAI said.

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…

8 hours ago

Python NodeStealer: Targeting Facebook Business Accounts to Harvest Login Credentials

The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ advanced…

8 hours ago

XSS Vulnerability in Bing.com Let Attackers Send Crafted Malicious Requests

A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute…

11 hours ago

Meta Removed 2 Million Account Linked to Malicious Activities

 Meta has announced the removal of over 2 million accounts connected to malicious activities, including…

14 hours ago

Veritas Enterprise Vault Vulnerabilities Lets Attackers Execute Arbitrary Code Remotely

Critical security vulnerability has been identified in Veritas Enterprise Vault, a widely-used archiving and content…

15 hours ago

7-Zip RCE Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability has been disclosed in the popular file archiving tool 7-Zip, allowing…

15 hours ago