The Free Software Movement of India has published an open letter addressed to Dr. AB Pandey, CEO of the UIDAI regarding "Security of the Aadhaar personal data and ECMP Software". The letter describes the coverage of the ECMP Aadhaar Enrolment Software hack reported by Asia Times and draws the notice of the UIDAI to WhatsApp messages circulating about the patched version of the software. The letter also highlights YouTube videos "which claim to demonstrate how using a software patch to the ECMP software, geo-location and bio-metric security protection can be bypassed", similar to the one below that allow new Aadhaar enrolments without verification and updating of personal information of existing Aadhaar numbers. Such as this one: https://www.youtube.com/watch?v=i3ttp72P_Ww The FSMI terms call this a very serious concern as it endangers the sanctity of the entire Aadhaar database and asks whether the UIDAI authority has carried out an examination of these claims and if there is any merit to these claims. The letter also draws attention to a PayTM account mentioned in the YouTube video that was tracked down to a Bharat B. Who claimed to work for the Computer Sciences Corporation e-governance division. The letter asks the UIDAI whether the patched software could be the case of rogue insiders misusing their access to the software to create an illegal patched version. The letter asks UIDAI the following questions regarding the reported hack: What are the steps the UIDAI is taking to make the Aadhaar system safe, as the security problems seem…
