- An independent security researcher claims that the Andhra Pradesh government has shared personal data of Aadhaar holders
- Caste, religion, location, bank accounts with IFSC codes have been put up online
- Kodali Srinivas said he has informed of the privacy breach to the UIDAI and other officials
- The details have been taken down and an investigation is under way
Ever since Indian citizens were asked to enroll for the unique 12-digit Aadhaar number, in which the UIDAI took particulars of one's fingerprints and retina, several people have been concerned about the security of these details. Citizens are worried that hackers would get their hands on these details and misuse them, but it looks like the information is being shared by the government itself, at least in Andhra Pradesh.
An independent security researcher Kodali Srinivas has claimed that the state government has shared personal and bank details of about 1.3 lakh people with several private agencies. He said that details such as caste, religion, location, bank accounts with IFSC codes were being leaked by the government website. This information has reportedly even been put up on a few private sites and is easily downloadable.
The affected people are mostly beneficiaries of the state housing scheme and their details are available on the State Housing Corporation's website, he told the New Indian Express. Srinivas, however, clarified that he hadn't hacked the site and just wanted to alert the authorities of the same. He also said that he has informed of the privacy breach to the UIDAI and other officials.
The details have now been taken down.
Speaking about the matter, Vijayanand, IT Secretary, Government of Andhra Pradesh said that the issue has been noted and a team is working to find out how and what details were leaked. "I cannot comment more on this since we don't have complete information. We will get full details by tomorrow," the NIE quoted him as saying.
Meanwhile, the leak has also affected hundreds of teachers in the state and information on the caste and religion of about 9,766 teachers is said to be available on the website of Commissionerate of School Education. The state IT minister Nara Lokesh has already been told of the leak, but he is yet to respond to the matter.
Details of the Aadhaar are confidential information and cannot be put up online by any party as it violates the Aadhaar Act 2016.
In an incident that made national headlines in 2017, Aadhaar details of star cricketer MS Dhoni had been put up on Twitter by an Aadhaar center. After the image of the cricketer's ID went viral, his wife Sakshi Dhoni complained about it to Union law & justice and information technology minister Ravi Shankar Prasad. The center that put up the image was then blacklisted for 10 years.