wordpress blog stats
Connect with us

Hi, what are you looking for?

Andhra CM orders audit for all govt portals, sets up site to report breaches

After a series of data breaches by the Andhra government were discovered, the state government has finally moved a muscle; Chief Minister N Chandrababu Naidu has announced an audit of all government websites (which is the second such audit since May) and said the state will set up a portal to report such vulnerabilities and breaches. The developments were first reported by The New Indian Express.

“We have asked the Andhra Pradesh State Cyber Security Operations Centre (APCSOC) to conduct an audit of all the departments’ websites to identify if any sensitive public data is available on them. Here on, we will audit all the portals for both cybersecurity vulnerabilities and privacy issues. The audits will be done on a monthly basis.” K Vijayanand, principal secretary, IT, AP government told the New Indian Express. For the record, AP government has 1200 websites belonging to various government departments. The TNIE reported that government officials are wary of such an audit which gives access of data to APCSOC. Some departments even made the body sign non-disclosure agreements when the first such audit was carried out in May after a breach in April 2018.

The AP government also announced that it will design a “special portal” called Andhra Pradesh Computer Response Team (APCRT) to immediately respond to cyber-security threats and data breaches. “Anybody who spots discrepancies can reach out to us using APCRT.” said V Premchand, the MD of Andhra Pradesh Technology Services Ltd (APTSL). He further added that the APCRT would also have a call centre with ten phone lines, which could be contacted during cyber emergencies. APTSL is the nodal agency for e-governance initiatives in the state and also the organisation looking after the APCSOC.

The multiple breaches in Andhra Pradesh

The past week, Srinivas Kodali revealed several breaches of medical and socioeconomic data. Andhra government portals have unsecured websites that with, little or no trouble, made accessible phone numbers, addresses and medicines purchased from customers of state-owned generic medicine stores – Anna Sanjivini stores. It let anybody monitor the route of an ambulance, the reason the ambulance was called, which hospital it went to and the pick-up point. And finally, there was a breach of the Smart Pulse Survey data. Anybody could access the demographic details, insurance status and phone numbers of 4.5 crore people with just an Aadhaar number. The portal website was taken down after the breach was reported. Note that, Andhra Pradesh government has created “People’s Hub” which uses a resident’s Aadhaar number to consolidate 29 different department databases to create a “single source of truth” on the resident.

This is not all. The first such leak was reported two months ago in April 2018. The breach gave access to citizen data including the Aadhaar number, bank – branch, IFSC code and account number, father’s name, address, gram panchayat, mobile number, ration card number, right down to occupation, religion and even caste information.

Advertisement. Scroll to continue reading.

“It has been two months since the state officials made tall claims that those who helped them in plugging the vulnerabilities would be rewarded. But there is no way to report the issues. Even the highly-publicised Andhra Pradesh Cyber Security Operations Centre (APCSOC) does not have a website of its own,” Kodali told TOI.

Read all stories about Andhra Pradesh data breaches here.

Written By

I cover health, policy issues such as intermediary liability, data governance, internet shutdowns, and more. Hit me up for tips.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Due to the scale of regulatory and technical challenges, transparency reporting under the IT Rules has gotten off to a rocky start.


Here are possible reasons why Indians are not generating significant IAP revenues despite our download share crossing 30%.


This article addresses the legal and practical ambiguities in understanding the complex crypto ecosystem in India.


It is widely argued that the PDP Bill report seeks to discard the intermediary status of social media platforms but that may not be...


Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ