In what could be one of the biggest security fail, millions of Aadhaar numbers stand allegedly exposed.
The details of millions of Aadhaar numbers were leaked after reportedly Indane left exposed sensitive website details for dealers and distributors.
TechCrunch claims that they have verified the revelations separately with UIDAI’s web-based verification tool, with each of the Aadhaar numbers getting a positive match.
The leak was found by a french security researcher and in a detailed blog post, he shared about his findings. Researcher shared in his medium blog post that he found details of more than 5.8 million Indane customer before his IP got blocked. In the post he said that the total number of records affected by it could reach to 6,791,200!
It’s time to publish the details of the biggest #DataLeak I had to deal with. @IndianOilcl leaked #Aadhaar numbers: 6,700,000 Aadhaar numbers https://t.co/QJaDZlOBcR
— Elliot Alderson (@fs0c131y) February 19, 2019
Alderson has been vocal regarding issues relating to cyber security over the years. He gained popularity in India for his continuous revelations of loopholes in the country’s largest biometric database, Aadhar.
Elliot Alderson, a Twitter alias inspired by the popular TV series on cyber security. A network and telecommunications engineer, he is said to develop applications for Android platform.
Only last month, India’s largest bank – State Bank of India, leaked sensitive details such as bank balance and bank account number of million of its customers.
The bank apparently had forgotten to secure a server that was hosting sensitive information of millions of its customers. The server was in one of its Mumbai installations.
A report in Techcrunch, which came to know about the unsecured server after a tip-off by an anonymous security researcher, highlights that “the bank had not protected the server with a password, allowing anyone who knew where to look to access the data on millions of customers’ information”.
