A tweet containing an image of a letter from Central Provident Fund Commissioner, Dr. V. P. Joy to CEO of theCommon Services Centre (CSC), Dinesh Tyagi appears to notify of "Data Theft from ICT Infrastructure of Aadhaar Seeding Service for Employees Provident Fund Organization" https://twitter.com/arvindgunasekar/status/991540003229454336 The letter, marked "secret" and not verified so far, references a note from the Intelligence bureau warning of theft of data by hackers by exploiting vulnerabilities on aadhaar.epfoservices.com (currently offline) - specifically, Strut vulnerability and Backdoor Shells. "The IB has advised to adhere to best practices and guidelines for securing the confidential data, re-emphasizing regular and meaningful audit and vulnerability Assessment and Penetration Testing (CAPT) of the entire System from competent auditors and testers", the letter says. The letter says that though the server is hosted at the National Data Centre, the CSC Team manages it remotely and requests the immediate deployment of an expert Technical team to identify and patch the stated vulnerabilities as well as any others on the server and notifies that the servers have been stopped and services discontinued in the interim. Earlier this year, the UIDAI had refused to renew its registrar agreement with CSC citing corruption and enrollment process violations. According to CNBC-TV18 reporting "sources", the services of CSC have been terminated after this incident. Update: The EPFO has issued a Press release saying that warnings about vulnerability are routine administrative process. "The news is regarding to the services through common service centres and not about EPFO Software…
Please subscribe to MediaNama. Don't share prints and PDFs.
You May Also Like
News
Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...
Advert
135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...
News
By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...
News
Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...