Ever since the news of MobiKwik data leak broke, people are on edge about the security of their personal information getting leaked on the dark web. Although the company has denied any breach, several users claim to have found their credit and debit card details on the dark web. Amidst the MobiKwik incident, there were reports about DigiLocker breach, which leaked Aadhaar copies of users, which put users into panic. But there's no reason to be worried and we explain why.
There were reports on social media about a data breach on DigiLocker, the Government of India's platform for issuance and verification of documents and certificates. Leaked data showed photos of Aadhaar cards shared on Telegram. There were tens of photos of Aadhaar with the photos and the unique identification number clearly visible.
The Aadhaar photo copies were shared by Telegram channel named "aadhaar_db [breach]." The leak claims the database claims to have over 10TB of data and 88.630.228 files. More so, 8.6 million people's Aadhaar cards from Digilocker got leaked, the file description read.
International Business Times reviewed the claim about DigiLocker breach and found traces of Aadhaar as claimed. But there are many red flags. As pointed out by Abhishek Singh, IAS, CEO of National e-Governance Division, Ministry of Electronics & IT, the leaked data is not due to DigiLocker leak. In fact, the photos of Aadhaar on Telegram channel are all scanned copies or images, which appear to have been skimmed off from a matrimonial service provider.
"The Aadhaar numbers on published documents were checked to see whether a DigiLocker account with those Aadhaar numbers exist and it was found that the accounts for most of these Aadhaar numbers do not exist on DigiLocker," Singh said.
Furthermore, the files published on the Telegram channel are in .docx format, whereas DigiLocker does not support this format. It is also worth noting that the file names of the leaked files are in sequential numbers, but when a user uploads documents on DigiLocker, file names are user defined and in free text format.
Singh confirmed that DigiLocker "remains completely safe and there is no breach of any kind. Team Digilocker is ever vigilant to ensure systems remain 100% secure."