(Reuters) — India on Thursday started investigating a report that entry to its database of the id particulars of greater than 1 billion residents was being bought for simply $8 on social media, in what may very well be one of many large program’s largest safety breaches.
The Tribune newspaper stated it had been capable of purchase login credentials to the Aadhaar database, permitting it to accumulate data such because the names, phone numbers and residential addresses of tens of millions of individuals.
The paper stated it purchased entry for as little as 500 rupees ($7.89) from somebody on a WhatsApp social media group.
The “case seems to be an occasion of misuse,” stated the Unique Identification Authority of India (UIDAI), which runs the biometric id card scheme, the world’s largest.
The company stated it had initiated a police grievance towards the folks answerable for promoting the entry, however didn’t determine them.
Crucial information, “together with biometric data, is totally secure and safe,” the company stated in an announcement. The database incorporates fingerprints and iris scans, apart from primary data particulars.
“Mere show of demographic data can’t be misused with out biometrics,” it added, ruling out monetary fraud, saying entry to financial institution accounts required additional authentication that concerned fingerprint and iris scans.
But the breach is the newest in a program going through growing scrutiny over privateness considerations and is more likely to immediate additional questions on information security.
India’s Supreme Court is holding hearings to determine if a drive by the administration of Prime Minister Narendra Modi to hyperlink Aadhaar to personal and public companies infringes the privateness rights of people.
“The perils of creating Aadhaar obligatory and linking it to financial institution accounts, as insisted upon by the Modi authorities, are seen right here,” Sitaram Yechury, a pacesetter of the communist get together, stated in a Twitter publish.
“Do we’d like extra proof to cease this insanity?”
Last month, the company barred telecoms agency Bharti Airtel and its Airtel Payments Bank from utilizing Aadhaar particulars to confirm prospects’ identities, as a result of the ability was being misused to open accounts on its cost platform.
($1=63.3925 Indian rupees)
(Editing by Paritosh Bansal, Sanjeev Miglani and Clarence Fernandez)
This article sources data from VentureBeat