FB pixel

UIDAI denies reported major Aadhaar security breach


The Unique Identity Authority of India (UIDAI) has responded to a media report claiming that access to the entire Aadhaar database could be purchased for 500 rupees (roughly $8) by saying that no biometric data has been breached, The Indian Express reports.

The Chandigarh-based Tribune media outlet claimed not only that it had purchased unrestricted access to details for any of the more than one billion Indian citizens from an anonymous WhatsApp user, but also that for an even smaller sum, it had purchased software enabling fake Aadhaar cards to be printed.

The UIDAI responded with a statement: “UIDAI reassures that there has not been any data breach of biometric database which remains fully safe and secure with highest encryption at UIDAI and mere display of demographic information cannot be misused without biometrics.”

Local UIDIA officials expressed shock when told of the data’s availability, according to the report. “Except the Director-General and I, no third person in Punjab should have a login access to our official portal. Anyone else having access is illegal, and is a major national security breach,” Chandigarh UIDAI Regional Center Additional Director General Sanjay Jindal was quoted as saying.

The official UIDAI response, however, attributed the case to a “misuse of the grievance redressal search facility.” The agency said it would take criminal action against those responsible, but also that “Aadhaar data is fully safe and secure and has robust, uncompromised security.”

Even without the associated biometric information, Lisa Baergen, director at NuData Security, says it illustrates the importance of applying strong data security to personally identifiable information (PII).

“This kind of data breach shows how easy it can be for cybercriminals to access PII, and how organized cybercriminals can be in distributing this information — in this particular instance using anonymous WhatsApp groups to offer their services,” Baergen comments. “The UIDAI have suggested that no biometric data was accessed, but even so, the amount of PII that has been accessed provides a healthy pipeline for future cybercriminals. In future, organizations should take more stringent security measures in protecting PII, including passive biometrics and two factor authentication.”

As previously reported, the UIDAI was forced to issue a statement in November asserting that the publication of Aadhaar numbers and other information did not constitute a major security breach, as Aadhaar numbers themselves are not secret, and can only be utilized with the biometrics of the individual.

Article Topics

 |   |   |   |   | 

Latest Biometrics News


Smile ID surges past 150M identity verifications completed

Selfie biometrics provider Smile ID (formally Smile Identity) has achieved the completion of 150 million identity verifications – five months…


Incode age assurance gets stamp of approval from ACCS

Incode Technologies has announced that their Incode Identity Platform product has received certification under the Age Check Certification Scheme (ACCS)….


Arana launches police biometrics app for HID scanner

Arana Security has launched a new mobile app for mobile biometric fingerprint readers from HID used by law enforcement. The…


Fraud hammers online services, drives AI ambivalence

Fraud rates are spiking just like temperatures in many parts of the world. Global identity verification companies Sumsub, AuthenticID and…


Contractor distances self from biometric device failures in South Africa elections

A Johannesburg-based company, Ren-Form, which supplied biometric hardware to the Electoral Commission of South Africa (IEC) says it is not…


Online age verification requirements in US legislation raise thorny problems

More than a dozen bills have been introduced in the current U.S. Congress that, if enacted, would increase protections for…


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events