Government officials have repeatedly given assurances that Aadhaar details of the citizens are secure and safe, but hackers seem to always proved them wrong. In the latest incident, the Employees Provident Fund Organization (EPFO) had to temporarily shut down its portal used to seed Aadhaar details with PF accounts after hackers reportedly stole data from the portal.
The issue was raised by EPFO Central Provident Fund Commissioner V P Joy, who reportedly received the information from the Intelligence Bureau. The same was then communicated to Common Service Centre (CSC) Chief Executive Dinesh Tyagi March 23. The breach is likely to have affected about 2.7 crore accounts.
"The web portal has been closed one-and-a-half months ago, immediately after a possible data theft was reported to us during a process of routine security check," Joy told Business Standard Wednesday, May 2.
"There was some problem in the application run by CSC and it is not related to our data centre that maintains the EPF accounts."
He also told the Huffington Post India that he wasn't very sure of the leak, but informed the authorities after he was alerted by the IB. Joy's office also released a statement later on and said: "No confirmed data leakage has been established or observed so far."
After the reported breach created quite a scare, the EPFO refuted these claims and said that it had not observed any data leak. "No confirmed data leakage has been established or observed so far. As part of the data security and protection, the EPFO has taken advance action by closing the server and host service through the CSC pending vulnerability checks," it said in a statement.
Meanwhile, the UIDAI also said that the breach wasn't from its server.
However, the government sources have now confirmed that details of PF accounts were compromised for "a few weeks," before it was detected and the portal was taken down, reported the Huff Post.
This comes just days after the Andhra Pradesh government was accused of sharing Aadhaar details of the residents of the state on its website, as well as, several private agencies.
An independent security researcher Kodali Srinivas has claimed that the state government had leaked details such as caste, religion, location, bank accounts with IFSC codes. This information has reportedly even been put up on a few private sites and is easily downloadable.
The affected people are mostly beneficiaries of the state housing scheme and their details are available on the State Housing Corporation's website, he told the New Indian Express. Srinivas, however, clarified that he hadn't hacked the site and just wanted to alert the authorities of the same. The details have now been taken down.