Security researcher Srinivas Kodali has reported another leak of Aadhaar numbers. This time on an MNREGA Direct Benefit transfer website. The data of workers is listed by district, tehsil and village and lists the names of individuals, their job card numbers and their Aadhaar numbers. https://twitter.com/digitaldutta/status/989332234976088064 Kodali reported the site to security agencies. However, he has a pertinent question - "where is the UIDAI bug reporting mechanism?". Srinivas Kodali was among the researchers who had reported that government websites were leaking Aadhaar details and personal information for over 130 million Aadhaar holders last year. Other researchers too have reported publicly available Aadhaar information. "Little has changed", says Kodali. "We did not have a way to report these data leaks then, we don't have one now. Security agencies are not really the answer. This isn't a hack or breach or an attack on a government website, it is the government itself putting out data that it shouldn't be making public." MediaNama's take The lack of a bug reporting system for Aadhaar is an ongoing problem that is compounded by the UIDAI's tendency to shoot the messenger. This continues to encourage non-reporting of vulnerabilities, leaving them open for malicious actors to exploit. While the government counsel has argued vociferously in the Supreme Court during the Constitutional Challenge to Aadhaar, saying that the Petitioners should report problems and suggest improvements, there isn't actually a mechanism to do so, reducing genuine researchers who would like to see vulnerabilities fixed by approaching security agencies or…
News
Government website leaks Aadhaar numbers of 89,38,138 MNREGA workers and Social Security pensioners
Please subscribe to MediaNama. Don't share prints and PDFs.
You May Also Like
News
Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...
Advert
135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...
News
By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...
News
Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...