Citizens in desperate need of help with issues surrounding Covid-19 are sharing their Aadhaar numbers along with their phone numbers in the hope that someone responds to their SOS calls.
A quick analysis by MediaNama of Twitter on Thursday afternoon showed that there were more at least 10 such tweets that were put out since morning by family members of patients, volunteers or just citizens who were looking to amplify SOS tweets. The details include patient name, phone number, Aadhaar number, hospital name where the patient is in and so on. Most of the requests were for Remdesivir injections, blood plasma, or hospital beds.
Social media users are also uploading not just Aadhar numbers but also images of the Aadhar hardcopy.
The Unique Identification Data Authority of India (UIDAI) in 2018 had asked citizens to take due precautions while sharing personal information such as Aadhaar on the internet. In a statement UIDAI had said, “People share their personal information, including Aadhaar on internet, to some or other service provider or vendor to get the services and when they put their details on internet they should take due precautions as required in any digital activities.”
When MediaNama contacted one of the numbers given in such tweets along with their Aadhaar number, the responder said that the SOS was for their relative. Upon telling the person that it may not be very safe to share their Aadhaar number along with other details on social networking websites, the persons said that he was not aware of the same, and that he would delete it immediately.
At the end of the conversation, the person requested the MediaNama reporter if he had access to Remdesivir injections. “I have got one injection, but I need five more,” the person requested.
Publishing Aadhaar in public platforms may lead to identity theft
The security of Aadhaar data and citizen privacy have been under question for a long time. Explaining how, in this case, the published Aadhaar may be misused, independent security researcher Srinivas Kodali said, “People are desperate for help and are publishing details such as Aadhar to show they genuinely need medicines. However, there may be fraudsters who might be buying it and selling them in black markets. This could also lead to identity theft, and could lead the person to situations which may be out of his control.”
Similarly security researcher Rajshekhar Rajaharia said, “Personal details like name, mobile number etc with Aadhaar Number might put you in risk. Fraudsters may use these information in many ways. They can create fake identity and later use it in many ways.” Rajaharia explained that with images available on Twitter and their Aadhaar number, fraudsters can use image altering softwares to create fake Aadhaar cards and hence perpetrating a identitiy theft.
In fact in 2018, the then TRAI Chairman RS Sharma, who is now the National Health Authority CEO and was earlier also the UIDAI chairman had published his Aadhar number in response to a challenge. Following that users on Twitter were able to dig up his mobile numbers, Gmail and Yahoo addresses, physical address date of birth and even his frequent flyer number. Users were also able to identify that he uses an iPhone and sent him money using UPI payments.
Many misusing information from SOS updates
Over the last few days there has been a huge surge on social media networking websites including Facebook, Twitter and Instagram for access to hospital beds, Covid-19 medication, and blood plasma. The details include phone numbers and so on.
Several netizens have come up and said that they were being bombarded with frivolous calls and even harassed in some cases. Such a case of abuse was recorded in a Vice India report recently where in a woman from Mumbai, who had put out an emergency request on Twitter, received obscene photos from men and got calls asking her if she was single.
- Issues with TRAI Chairman RS Sharma publishing his Aadhaar Number, challenging hackers to harm him
- Andhra Pradesh exposes Aadhaar of farmers – once again
- Chennai Corporation leaks more than 30k people’s personal data, including Aadhaar; patches issue
- Updated: Indane says it ‘does not host Aadhaar and therefore no leak’ after 5.8M Aadhaar numbers exposed on site
Update (4.22 pm, April 30): Added redacted screenshot of a user uploading images of a person’s Aadhar