Home United States USA — IT UIDAI trashes ZDNet report, refutes Aadhaar data leak claim by Delhi researcher

UIDAI trashes ZDNet report, refutes Aadhaar data leak claim by Delhi researcher

267
0
SHARE

“There is no truth in this story as there has been absolutely no breach of UIDAI’s Aadhaar database. Aadhaar remains safe and secure,” UIDAI sai..
The Unique Identification Authority of India ( UIDAI) on Saturday refuted a Delhi-based researcher’s claim of data leak on a system run by an undisclosed state-owned utility, which allegedly allows anyone to download private information of all Aadhaar holders. UIDAI, which issues Aadhaar numbers, said, “There is no truth in this story as there has been absolutely no breach of UIDAI’s Aadhaar database. Aadhaar remains safe and secure.” The government agency further said the story sourced from business technology site ZDNet relating to Aadhaar database is totally baseless, false and irresponsible. Just days ago, UIDAI CEO Ajay Bhushan Pandey had claimed that it would take the world’s fastest computer longer than the age of the universe to break the database encryption. The Delhi-based researcher’s claim, reported by ZDNet, says the breach exposes names, the 12-digit Aadhaar and information about the service beneficiaries linked to Aadhaar — bank account, mobile number, passport, etc. The application programming interface ( API), through which a utility provider verifies a customer’s identity, is reportedly not secured and has no access controls in place. This makes it possible to retrieve private details of any Aadhaar holder, ZDNet reported. In a recent interview to ET, UIDAI CEO said the database was secure. The ZDnet story claims the database of the state utility, which has details such as customers’ bank account numbers and Aadhaar numbers (not the biometrics, though), has some vulnerability. The UIDAI statement said: “Even if the claim purported in the story were taken as true, it would raise security concerns on database of that utility company and has nothing to do with security of UIDAI’s Aadhaar database.”

Continue reading...