wordpress blog stats
Connect with us

Hi, what are you looking for?

Chennai Corporation leaks more than 30k people’s personal data, including Aadhaar; patches issue

The Greater Chennai Corporation’s website leaked over 30,000 people’s personal information through e-passes, security researcher Robert Baptiste said on Twitter. The vulnerability left application forms and emergency movement passes issued by the authorities exposed. Baptiste, known better under his Twitter pseudonym Elliott Alderson, said that over 30,000 reserve volunteers’ data was also exposed. The vulnerability was first spotted by Twitter user KaruppuNerd on May 2.

Baptiste first tweeted about the finding at 6:31pm on May 4, and by 8:18pm, Chennai Corporation fixed the vulnerabilities. No dump of the exposed information has surfaced for the moment.

Advertisement. Scroll to continue reading.

The corporation did not release a statement about the leak. We have reached out to them for more details on how the exposed data was secured, and what further steps they are taking to keep this information safe.

Privacy and COVID-19

  • On March 26, the Karnataka government published a list of home addresses where people were placed under quarantine.
  • On April 18, source code for a contact tracing app in the Netherlands leaked the personal information of 200 users.
  • On April 26, it emerged that an Aarogya Setu vulnerability leaked users’ precise location data to Google when the self-assessment feature was taken in a specific way.

Written By

I cover the digital content ecosystem and telecom for MediaNama.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Do we have an enabling system for the National Data Governance Framework Policy (NDGFP) aiming to create an repository of non-personal data?


A viewpoint on why the regulation of cryptocurrencies and crypto exchnages under 2019's E-Commerce Rules puts it in a 'grey area'


India's IT Rules mandate a GAC to address user 'grievances' , but is re-instatement of content removed by a platform a power it should...


There is a need for reconceptualizing personal, non-personal data and the concept of privacy itself for regulators to effectively protect data


Existing consumer protection regulations are not sufficient to cover the extent of protection that a crypto-investor would require.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ