Indian Biometric System Data leaked; over 130 M people could be affected

Indians are known for being tech savvies but their Aadhaar system is in problem.

The personal identifiable information of people in the wrong hands could cause a major havoc, and this could happen pretty soon in India. According to the reports, the government sites supposed to protect the user data are instead, leaking it! Names, addresses, date of birth, PAN card details, Aadhaar card numbers and other relevant details of millions of Indian citizen can be found with just a simple Google search.

According to The Wire, the data of at least 130 million Indian citizens has been leaked online and the details leaked could lead to identity theft, financial fraud, and of course Privacy invasion.

Related: Hacker Selling Entire US Voters’ Registration Records on Dark Net

Screenshot of the leaked data / Credit: The Wire

A report published by the Bangalore-based Centre for Internet and Society (CIS) noted that “All of these leaks are symptomatic of a significant and potentially irreversible privacy harm,” and it can create a ripe opportunity for financial fraud.”

The Problem with Aadhaar:

Aadhaar, a system used by the Indian government to identify every person residing in India, is the largest program of its kind, but it does have a huge flaw too. Aadhaar assigns a unique identity number to each and everyone residing in India, and the data is stored in Unique Identification Authority of India (UIDAI) along with a fingerprint and iris scan. But here’s the problem. Aadhaar numbers cannot be verified adequately with the fingerprint and iris scan. If for example, a person uses someone else’s Aadhaar number along with address and other relevant details over the phone, there is essentially a very little chance that he will be caught.

Related  'SNAP' Vulnerability Affecting Millions of LG G3 Smartphones Users

Now, just imagine what the crooks can do with the data of over 130 million Indian residents!

At the time of publishing this article, we haven’t seen media outlets reporting any action taken by the Indian government to handle this massive leak, but one thing is for sure, actions need to be taken very soon. Also, authorities should place proper security measures on the sites containing sensitive data to prevent this kind of incident from happening again.

Related: DCNS submarine document leak exposes Indian naval secrets

You can read Bangalore-based Centre for Internet and Society (CIS)’s full report here.


DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.