20,000 Aadhaar cards found within 3 hours by security expert; UIDAI dismisses report
Moneylife Digital Team 12 March 2018
Once again, French security expert who goes under the pseudonym 'Elliot Alderson' (@fs0c131y) has exposed vulnerabilities of Aadhaar and Unique Identification Authority of India (UIDAI). He says he found almost 20,000 Aadhaar cards on the internet within three hours. The UIDAI, however, dismissed the claim in its usual fashion.
 
Making fun of UIDAI's security claims on Aadhaar, Alderson, in a series of tweets, says he found over 20,000 Aadhaar cards publicly available on the internet. 
 
 
 
UIDAI, however, dismissed the claims. In its tweets, it said, "Publication of Aadhaar cards by some people have absolutely no bearing on UIDAI and not the least on Aadhaar security. Aadhaar as an identity document by its very nature needs to be shared openly with others as and when required and asked for. Aadhaar just like any other identity document, therefore, is never to be treated as a confidential document. Although Aadhaar has to be shared with others, it being a personal information like mobile number, bank account number,  PAN card, passport, family details, etc, should be ordinarily protected to ensure privacy of the person."
 
 
In an open threat for such exposes, UIDAI says, "If anybody unauthorizedly publishes someone’s personal information such as Aadhaar card, passport, mobile number, bank account number, his photograph, he can be sued for civil damages by the person whose privacy right is infringed." 
  
Labelling the response from UIDAI as 'bad signal, Alderson says, " Instead of making disinformation @UIDAI, please discuss with me. Your threats are useless and I will continue my work. So please stop denying and let’s fix things together."
 
 
Earlier, Alderson, in a series of relentless tweets had pointed out how UIDAI and Khosla Labs, a licensed Authentication User Agency (AUA), were risking privacy and security of crores of Aadhaar holders. (Read: Aadhaar Mess: How UIDAI continues to goof up on its own mobile apps)
Comments
Pratap kumar Panda
4 years ago
This is an irresponsible tweet by UIADAI telling that if a person's details of AADHAAR is misused or mishandled by anybody,then he can be sued on the pretext that privacy is infringed.How far is it practicable,the privacy of an Indian is infringed everywhere....
Ramesh I
4 years ago
Considering such data breaches and other cases of misuse Aadhar by public and private entities, I can't for the life of me understand why the Supreme Court hasn't barred the Govt from making Aadhar linking mandatory, esp. when the person doesn't want to avail of any govt welfare scheme. Govt claims of Aadhar weeding out fake/undeserving beneficiaries of welfare schemes is total BS, as millions of illegal immigrants from Bangladesh and Myanmar have settled in India over the years and procured Aadhar with fake/forged documents, making them eligible for govt welfare schemes, despite not being citizens of India. This alone should have made our 'honorable' Supreme Court take prompt suo motu action and instructed Govt of India to stall further enrolments or atleast stop making Aadhar mandatory for non-welfare related things like linking with mobile phone a/cs, etc. Several terrorists in J&K or elsewhere have been caught with fake Aadhar cards, and also merrily use mobile services, so Govt has no case in forcing people to link their Aadhar with such services. To me this is both a case of overenthusiasm of the Political Executive and judicial apathy.
c babu challa
4 years ago
Hope the supreme court gives a stay on the aadhar linking immediately. MLF should immediately work on this for the benefit of the citizens. otherwise all the efforts of MLF will be fruitless.
Amitabha Bhattacharjee
4 years ago
Justice is blind
V Ramesh
4 years ago
When did we ever a see the government or its agencies admit that there is a problem?
Free Helpline
Legal Credit
Feedback