In yet another in a series of data compromises, the Andhra Pradesh government has exposed expansive details of upto 4.5 crore citizens — right from their phone numbers, insurance status, and home addresses — on a state government portal, accessible with only an Aadhaar number, reported The Times of India. All the data collected under Praja Sadhikhara Survey or Smart Pulse Survey, which is a extensive database of socio-economic and demographic data of citizens and seeded with Aadhaar, is accessible with an individual's Aadhaar number on a AP government portal. The vulnerability was first discovered by security researcher Srinivas Kodali, who notified the Andhra Pradesh government of the breach. The AP government has since suspended the link. "I have reported the security issue to the AP government. Just visiting the link and entering a number will give the information. The website has 4.5 crore peoples data, and all the details of the survey are here. The data is about smart pulse survey. The survey started in July 2016 and is ongoing. Earlier when a similar breach happened, officials brought down the site." Kodali told The Times of India. An earlier breach of the same database in April exposed the home addresses of citizens with geo-tagging, caste details down to the cluster/booth level using family details. This data was integrated with citizens' voter IDs. The AP government has been updating the pulse survey data of residents of the state since 2016 with an e-KYC based verification system linked to Aadhaar. Andhra Pradesh…
