wordpress blog stats
Connect with us

Hi, what are you looking for?

Government website leaks Aadhaar numbers of 89,38,138 MNREGA workers and Social Security pensioners

Security researcher Srinivas Kodali has reported another leak of Aadhaar numbers. This time on an MNREGA Direct Benefit transfer website. The data of workers is listed by district, tehsil and village and lists the names of individuals, their job card numbers and their Aadhaar numbers.

Kodali reported the site to security agencies. However, he has a pertinent question – “where is the UIDAI bug reporting mechanism?”. Srinivas Kodali was among the researchers who had reported that government websites were leaking Aadhaar details and personal information for over 130 million Aadhaar holders last year. Other researchers too have reported publicly available Aadhaar information.

“Little has changed”, says Kodali. “We did not have a way to report these data leaks then, we don’t have one now. Security agencies are not really the answer. This isn’t a hack or breach or an attack on a government website, it is the government itself putting out data that it shouldn’t be making public.”

Advertisement. Scroll to continue reading.

MediaNama’s take

The lack of a bug reporting system for Aadhaar is an ongoing problem that is compounded by the UIDAI’s tendency to shoot the messenger. This continues to encourage non-reporting of vulnerabilities, leaving them open for malicious actors to exploit. While the government counsel has argued vociferously in the Supreme Court during the Constitutional Challenge to Aadhaar, saying that the Petitioners should report problems and suggest improvements, there isn’t actually a mechanism to do so, reducing genuine researchers who would like to see vulnerabilities fixed by approaching security agencies or reporting them on media.

It also raises serious questions about the standards of tech delivered to governments. The government does not appear to examine the quality of work delivered by companies contracted to maintain its digital services. Government websites are notoriously hard to use, have design flaws, poor coding standards, obsolete server software and more. TCS is among the leading tech organizations in the country. For such a glaring flaw to exist in a website maintained by it indicates a lack of rigour. Would TCS be delivering such work to non-government clients where personal information is made public without so much as a basic password for accessing? Does the government have a mechanism for independent assessment for security and quality in the absence of a bug reporting mechanism where citizens do it for them for free?

Written By

Vidyut is a commentator on socio-political issues with a keen interest in behavioral sciences, digital rights and security and manages to engage her various proficiencies to bring an unusual perspective to issues related with the intersection of tech and people.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

The US and other countries' retreat from a laissez-faire approach to regulating markets presents India with a rare opportunity.

News

When news that Walmart would soon accept cryptocurrency turned out to be fake, it also became a teachable moment.

News

The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.

News

In this excerpt from the book, the authors focus on personal data and autocracies. One in particular – Russia.  Autocracies always prioritize information control...

News

By Jai Vipra, Senior Resident Fellow at Vidhi Centre for Legal Policy The use of new technology, including facial recognition technology (FRT) by police...

You May Also Like

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ