India Times: Andhra Pradesh agriculture ministry site exposed Aadhaar data of farmers

India Times: Andhra Pradesh agriculture ministry site exposed Aadhaar data of farmers. “Aadhaar numbers of thousands of farmers in Andhra Pradesh have been leaked, with the state’s agriculture ministry exposing the details through an open database on its website. A French security researcher who goes by the Twitter name Elliot Alderson and @fs0c131y Twitter handle, first discovered the data breach on Tuesday.”

TechCrunch: India’s state gas company leaks millions of Aadhaar numbers

TechCrunch: India’s state gas company leaks millions of Aadhaar numbers . “Another security lapse has exposed millions of Aadhaar numbers. This time, India’s state-owned gas company Indane left exposed a part of its website for dealers and distributors, even though it’s only supposed to be accessible with a valid username and password. But the part of the site was indexed in Google, allowing anyone to bypass the login page altogether and gain unfettered access to the dealer database.”

Quartz: In a year of data breaches, India’s massive biometric programme finally found legitimacy

Quartz: In a year of data breaches, India’s massive biometric programme finally found legitimacy. “After almost a decade since its launch, India’s controversial biometric identity programme, Aadhaar, finally got a measure of clarity and legitimacy in 2018—but not before a few egregious breaches were exposed.”

ETCIO: Gemalto apologises for wrong Aadhaar data breach report

ETCIO: Gemalto apologises for wrong Aadhaar data breach report. “Global digital security firm Gemalto has apologised to the ‘people of India’ for publishing an inaccurate report that claimed almost one billion Aadhaar records, including name, address and other personally identified information, were compromised during the first half of 2018.”

Gizmodo Australia: Supreme Court Restricts India’s Colossal Biometric Database

Gizmodo Australia: Supreme Court Restricts India’s Colossal Biometric Database. “India’s Supreme Court ruled on Wednesday that the country’s sweeping biometric database does not violate privacy rights. But the panel of five judges did decide to place restrictions on the program, according to The Times of India. Under the Aadhaar system, all citizens, residents and visiting workers of India — an estimated 1.2 billion people — are virtually required to provide iris scans and fingerprints to the government so they can receive a unique 12-digit identity code.”

Asia Times: India’s ambitious digital ID project faces new security nightmare

Asia Times: India’s ambitious digital ID project faces new security nightmare. “India’s all-pervasive digital identity programme Aadhaar appears to be facing a fresh security scare. The concern may also have national security implications, as suggested by material accessed by Asia Times. The key to the latest security breach comes from a modified Aadhaar enrolment software, known as ECMP, which is being distributed illegally for a cost ranging from Rs 500 to Rs 2,000.”

NDTV: Database Safe But There’s A New Leak. 1.3 Lakh Aadhaar, Bank Details Out

NDTV: Database Safe But There’s A New Leak. 1.3 Lakh Aadhaar, Bank Details Out. “The UIDAI, the body that governs Aadhaar, has told the Supreme Court that its database cannot be breached or used to profile citizens. A new data leak suggests that there may be no need for hackers to go that far. Government departments are already using the unique identification number to aggregate data from different departments, complete with the individual’s religion, caste, bank account numbers and their exact location. Still worse, some of them have placed this private information on its websites for anyone to see.”

ZDNet: A new data leak hits Aadhaar, India’s national ID database

ZDNet: A new data leak hits Aadhaar, India’s national ID database. “India’s national ID database has been hit by yet another major security lapse. Known as Aadhaar, the government ID database is packed with identity and biometric information — like fingerprints and iris scans — on more than 1.1 billion registered Indian citizens, official figures show. Anyone in the database can use their data — or their thumbprint — to open a bank account, buy a cellular SIM card, enroll in utilities, and even receive state aid or financial assistance. Even companies, like Amazon and Uber, can tap into the Aadhaar database to identify their customers.”

Tribune India: Rs 500, 10 minutes, and you have access to billion Aadhaar details

Tribune India: Rs 500, 10 minutes, and you have access to billion Aadhaar details. “It was only last November that the UIDAI asserted that ‘Aadhaar data is fully safe and secure and there has been no data leak or breach at UIDAI.’ Today, The Tribune ‘purchased’ a service being offered by anonymous sellers over WhatsApp that provided unrestricted access to details for any of the more than 1 billion Aadhaar numbers created in India thus far.” 500 rupees is, at this time, about $7.89.