Aadhar Card data of 130 million as well as bank account details have been leaked. A study published by Centre for Internet and Society (CIS), a Bengaluru based organization says that Aadhar data of about 130 million card holders has been leaked from just 4 government websites. To add to the worry, it’s not just the Aadhar details but bank account numbers have also been leaked. The study noted that the leak is from four portals:
- National Social Assistance Programme
- National Rural Employment Guarantee Scheme
- Chandranna Bima Scheme
- Daily Online Payment Reports of NREGA
There is also a possibility that the leak is much bigger than the CIS report estimates it to be. Moreover, this is not the first time Aadhar data has been breached. Last two months have recorded a wave of data leaks, mostly due to improper information security practices. So far more than 21 leaks have been reported. There are possibly more than the recorded ones.
UIDAI needs to take data security very seriously. Aadhaar is a jackpot personal information; if it is in the wrong hands, the consequences will be catastrophic. Today, most security is cybersecurity. The recent instances of private information being made public on government websites are shameful violations of privacy and the Aadhaar Act.
What Government should do
Vulnerable sites:
The government narrative on the security measures are either being ignored or are unclear or are insufficient to tackle the growing threat of cyber-attacks. As a nation, the government bodies need to take more responsibility and upgrade cyber security to top notch level. Data breaches of this scale will cause massive unrest. Therefore, government bodies must assess or get cyber security firms to assess the loophole in the existing models.
Vulnerability cannot be overlooked anymore because more financial inclusion is happening with government asking banks to link Aadhar with bank accounts. Also lot of PDS schemes, subsidy schemes, employment schemes are being linked to Aadhar.
Upgrade security
The government must have a clear instruction on level of security to be used for UID database. Specific agencies can work on individual sites requiring their specific security needs. Cyber security at multiple levels then can be implemented to tackle similar problems.
Logix Infosecurity provides all the services including vulnerability testing. Our experts can assess the condition and propose best and top notch cyber security solution. Logix experts will not only suggest the next steps to fortify the cyber walls but also help in implementing them.