wordpress blog stats
Connect with us

Hi, what are you looking for?

Jharkhand govt portal is leaking thousands of personal and legal papers

The department of agriculture of the Jharkhand government is leaking personal and legal documents of individuals in the state. About 9,000 documents from the government portal have been leaked. The documents are assorted types of legal, personal and business documents many of them containing personally identifiable information of proprietors, licenses, lease agreements between the individuals and the state government, licenses to sell agricultural products and so on.

The vulnerability was first discovered by French security researcher Robert Baptiste, who goes by Elliot Alderson on Twitter.

To be clear, the data has not been hacked or stolen, but is openly available on a dashboard run by the Jharkhand state government.

The portal leaking personal and legal data; this image shows a small sample of the thousands of documents available for download.

Personal documents

Scanned copies of PAN card and Aadhaar cards of several individuals are available on the website. Various legal documents and affidavits containing licenses to sell and stock insecticides, fertilizers, seeds. Remember that a legal document contains granular detail of the concerned parties or entities. Documents accessed by MediaNama contain residential and/or office address of the proprietor along with full names, fathers’ names, signatures and in some cases even their photographs. The documents also have registration documents which also reveal personally identifiable information.

Scan of Aadhar Card of the same individual

Scan of PAN Card of an individual, available for download on a state government portal.


Appointment letters and Challans

There are even some appointment letters to private firms based in the state. For instance, in one appointment letter, the firm hiring the individual exposed the remuneration amount of the person.

License Agreement issued by the state

Below is one license document out of the hundreds MediaNama accessed. This is a typical license which the department of agriculture grants to private bodies allowing them to deal in agro-products such as seeds, fertilizers, insecticides and so on. The government contained name and full address of the applicant along with their signature and date of license issue and expiration .

Advertisement. Scroll to continue reading.

A license to sell seeds, issued by the state government.

Another such document below even reflects the photograph of the proprietor who has applied for such a license.

A license to sell and stock insecticides, issued by the state government.


Personal data vulnerable

It is clear that the data of whoever exchanged paperwork of had some association with the agriculture department of the government of Jharkhand has their data on their website, available for download. It isn’t clear if the data was acquired with the consent of the individuals.

This is one among a spate of data leak by several government websites in the country. It has been extensively reported that the Andhra Pradesh government robustly leaves exhaustive and sensitive (medical data such as who takes erectile dysfunction pills, and ambulance tracking) citizen data vulnerable, available for download, leaving millions exposed online for anybody with an internet connection to access.

Last week, it was found that a portal is leaking data of 250,000 candidates who appeared for NEET 2018. The CBSE denied any such data breach saying it was “out of question” after Congress President Rahul Gandhi wrote to the concerned authorities about the media reports of the leak. Following up to the NEET leak, the portal leaking NEET data was just one among more than 50 such portals which was leaking personal and academic data of students across the country and had put them up for sale. More than 50 websites run by a single person were leaking expansive and exhaustive data containing personal information of students including name, phone number, email address, college name, academic qualification, year of passing or year student is currently in and so on. The students in question are from engineering colleges, medical schools, fashion institutes, business schools and even 12th graders. The domains are a treasure trove of personal data for advertisers who want to market their institutions and coaching classes to aspiring students.

The name of the individual and the website URLs have not been mentioned in the interest of protecting the privacy of students whose data is available on these websites. Any details which will be personally identifiable has been blacked out in the interest of the safety of the individuals.

Advertisement. Scroll to continue reading.
Written By

I cover health, policy issues such as intermediary liability, data governance, internet shutdowns, and more. Hit me up for tips.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



While the market reality of popular crypto-assets like Bitcoin may undergo little change, the same can't be said for stablecoins.


Bringing transactions related to crypto-assets within the tax net could make matters less fuzzy.


Loopholes in FEMA and the decentralised nature of crypto-assets point to a need for effective regulations.


The need of the hour is for lawmakers to understand the systems that are amplifying harmful content.


For drone delivery to become a reality, a permissive regulatory regime is a prerequisite.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ