Aadhaar is the world’s largest Biometric ID system and it keeps getting hacked making the personal data of many India’s citizens only and up for grabs. The critics of India’s Aadhaar system have been very vocal about the flaws of this Biometric system however the world refused to listen to them.
However with the latest list of security breaches it is very obvious that Aadhaar is no longer protected. The Tribune newspaper was able to buy the data through Paytm in just 10 minutes and only for $5. The agent running this group gave access to a gateway and gave them a login ID and password to enter into any Aadhaar number in the portal. Not only were they able to buy the data but they could even buy the software that will help them print fake Aadhaar cards as well.
Aadhaar’s data includes fingerprints, names, addresses, retina scans and phone numbers, through which you can purchase SIM cards, open a bank account and even use it for important government services. The information that was exposed did not include any biometric data but contained personal information regarding name, emails, photographs and phone numbers.
The UIDAI (Unique Identification Authority Of India) claims that over 1.20 billion people have registered in the system since the early 2009. The cofounder of Internet Freedom Foundation, Kiran Jonnalagadda told the Motherboard that, “I’m not very surprised with this breach but I am surprised at how widespread the access was”
Even before this WhatsApp hacking took place Aadhaar’s was having a bad security record for some time. In July, almost 200 government agencies posted sensitive Aadhaar data online furthermore this news came after 600,000 children had their data disclosed by another government website again leaking information that was very personal.
This was not enough; right away the revelation of this, an online researcher hacked in to Aadhaar’s official Android app to prove that it was poorly secured. This online researcher, going by the name of Elliot Alderson showed that the app has very poor security and further claimed that it is super easy to get the password of the database of the app.
He claimed that Aadhaar saves your biometric settings in a local database and you can enter in it using a password that you can guess. Aadhaar is in actual fact becoming de facto essential with more and more people trying to link it with banks and phone accounts. The UIDAI officials in Chandigarh were very shocked on this data being accessed and immediately took up the matter with technical consultants.
So in short, everyone’s personal information is at a great risk and the only way to stop this from happening is to cause more precautionary measures and better hacking protection.