TechCrunch: India’s state gas company leaks millions of Aadhaar numbers

TechCrunch: India’s state gas company leaks millions of Aadhaar numbers . “Another security lapse has exposed millions of Aadhaar numbers. This time, India’s state-owned gas company Indane left exposed a part of its website for dealers and distributors, even though it’s only supposed to be accessible with a valid username and password. But the part of the site was indexed in Google, allowing anyone to bypass the login page altogether and gain unfettered access to the dealer database.”

Quartz: In a year of data breaches, India’s massive biometric programme finally found legitimacy

Quartz: In a year of data breaches, India’s massive biometric programme finally found legitimacy. “After almost a decade since its launch, India’s controversial biometric identity programme, Aadhaar, finally got a measure of clarity and legitimacy in 2018—but not before a few egregious breaches were exposed.”

ETCIO: Gemalto apologises for wrong Aadhaar data breach report

ETCIO: Gemalto apologises for wrong Aadhaar data breach report. “Global digital security firm Gemalto has apologised to the ‘people of India’ for publishing an inaccurate report that claimed almost one billion Aadhaar records, including name, address and other personally identified information, were compromised during the first half of 2018.”

Gizmodo Australia: Supreme Court Restricts India’s Colossal Biometric Database

Gizmodo Australia: Supreme Court Restricts India’s Colossal Biometric Database. “India’s Supreme Court ruled on Wednesday that the country’s sweeping biometric database does not violate privacy rights. But the panel of five judges did decide to place restrictions on the program, according to The Times of India. Under the Aadhaar system, all citizens, residents and visiting workers of India — an estimated 1.2 billion people — are virtually required to provide iris scans and fingerprints to the government so they can receive a unique 12-digit identity code.”

Asia Times: India’s ambitious digital ID project faces new security nightmare

Asia Times: India’s ambitious digital ID project faces new security nightmare. “India’s all-pervasive digital identity programme Aadhaar appears to be facing a fresh security scare. The concern may also have national security implications, as suggested by material accessed by Asia Times. The key to the latest security breach comes from a modified Aadhaar enrolment software, known as ECMP, which is being distributed illegally for a cost ranging from Rs 500 to Rs 2,000.”

NDTV: Database Safe But There’s A New Leak. 1.3 Lakh Aadhaar, Bank Details Out

NDTV: Database Safe But There’s A New Leak. 1.3 Lakh Aadhaar, Bank Details Out. “The UIDAI, the body that governs Aadhaar, has told the Supreme Court that its database cannot be breached or used to profile citizens. A new data leak suggests that there may be no need for hackers to go that far. Government departments are already using the unique identification number to aggregate data from different departments, complete with the individual’s religion, caste, bank account numbers and their exact location. Still worse, some of them have placed this private information on its websites for anyone to see.”