FB pixel

State gas company leaks millions of Aadhaar numbers in second breach

| Chris Burt
Categories Biometrics News  |  Civil / National ID
 

A state-owned gas company in India has exposed the personal information of an estimated 6.8 million people to Google searches, including Aadhaar numbers, Vice News reports. The leak was discovered by French security expert Baptiste Robert, and detailed in a Medium post four days after the company, which did not respond, was notified.

Indane provides subsidies of liquified petroleum gas, and by making accounts visible through a dealer portal unprotected with authentication, the names, addresses, and Aadhaar numbers of customers were exposed. The Unique Identification Authority of India (UIDAI) has previously said Aadhaar numbers, while not secret for verification purposes, should be protected like other identity documents and sensitive items such as credit cards.

TechCrunch has verified Robert’s findings, but Indane initially denied that there had been a leak, before taking its website offline.

A state government also leaked Aadhaar numbers of 160,000 government workers last month, according to Vice.

The UIDAI has consistently held that the deduplication and biometric identity verification features of Aadhaar make it secure against such leaks, and when an Indane endpoint vulnerability exposed personal information in early 2018, said its own database remained secure and no biometric data had been compromised. The agency has also previously said that exposure of Aadhaar information does not constitute a breach, but with national elections just months away, the national ID system, which has been both a signature project and a source of headaches for the Modi government, does not seem to be assuring the Indian public.

Aadhaar is still necessary for many transactions, however, and following the government’s commitment to the system, businesses including companies like NEXT Biometrics have invested in providing authentication under the world’s largest biometric program.

Article Topics

 |   |   |   | 

Latest Biometrics News

 

Thomson Reuters and Socure partner on AI-driven fraud prevention

Thomson Reuters is moving deeper into digital identity verification and fraud prevention through a new partnership with Socure, tying together…

 

Keir Starmer’s political crisis casts shadow on UK’s digital ID plans

Last week, the King’s Speech set out 37 bills for the new parliamentary year, including the Digital Access to Services…

 

Biometric Update report analyzes how MOSIP is reshaping digital identity infrastructure

Biometric Update has published a new report examining the growing role of the Modular Open Source Identity Platform (MOSIP) in…

 

Hancomwith joins South Korea’s 2026 Zero Trust pilot with SASE‑based security model

Hancomwith is taking part in the South Korean government’s 2026 Zero Trust Adoption Pilot Project. The initiative is supposed to…

 

Cambodia launches digital driver’s licences, national ID services expand

Cambodia is expanding its digital government drive with the launch of digital driver’s licences, while also stepping up national ID…

 

ID.me and Verisys partnership points to broader CMS digital identity push

ID.me and Verisys have launched a strategic partnership aimed at helping state Medicaid agencies verify provider identities, validate credentials, and…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events