While the central government continues to push for the importance and necessity of linking every personal detail to Aadhaar, the horrifying incidences of weak UIDAI security continue to be a nightmare for the citizens. After multiple reports of Aadhaar details leaking out in the public, the latest is a case of the details being up for sale.
According to The Tribune, anonymous sellers over WhatsApp are providing unrestricted access to details for any of the more than 1 billion Aadhaar numbers created in India thus far. Reportedly, for exchange of a mere Rs 500 over Paytm, “agents” create a “gateway” and pass on login ID and passwords. You could enter any Aadhaar number in the portal, and instantly get all particulars that an individual may have submitted to the UIDAI (Unique Identification Authority of India), including name, address, postal code (PIN), photo, phone number and email.
The publication verified the occurrence of such a racket with a payment of Rs 300, for which the agent provided “software” that could facilitate the printing of the Aadhaar card after entering the Aadhaar number of any individual. Apparently, the hackers seem to have gained access to the website of the Government of Rajasthan, as the “software” provided access to aadhaar.rajasthan.gov.in, through which one could access and print Aadhaar cards of any Indian citizen. However, it could not be ascertained whether the portals were genuinely of Rajasthan, or it was mentioned just to mislead.
Sanjay Jindal, Additional Director-General, UIDAI Regional Centre, Chandigarh, was reported as saying, “Except the Director-General and I, no third person in Punjab should have a login access to our official portal. Anyone else having access is illegal, and is a major national security breach.”
As per first level investigations, this racket is believed to have started around six months ago, when some anonymous groups were created on WhatsApp. “These groups targeted over 3 lakh village-level enterprise (VLE) operators hired by the Ministry of Electronics and Information Technology (ME&IT) under the Common Service Centres Scheme (CSCS) across India, offering them access to UIDAI data.” Jindal said all of this could be confirmed only after a technical investigation was conducted by the UIDAI.