Newsbytes
  • India
  • Business
  • World
  • Politics
  • Sports
  • Technology
  • Entertainment
  • Auto
  • Lifestyle
  • Inspirational
  • Career
  • Bengaluru
  • Delhi
  • Mumbai
  • Videos
  • Visual Stories
  • Reviews
  • Phone Reviews
  • Fitness Bands Reviews
  • Speakers Reviews
  • Find Cricket Statistics
Hindi
More
In the news
Supreme Court Of India
2002 Gujarat Riots
Enforcement Directorate (ED)
Maharashtra Government
University Grants Commission
Alt News
Newsbytes
Hindi
Newsbytes
User Placeholder

Hi,

Logout


India
Business
World
Politics
Sports
Technology
Entertainment
Auto
Lifestyle
Inspirational
Career
Bengaluru
Delhi
Mumbai
Videos
Visual Stories
Reviews
Phone Reviews
Fitness Bands Reviews
Speakers Reviews
Find Cricket Statistics

More Links
  • Videos

Download Android App

Follow us on
  • Facebook
  • Twitter
  • Linkedin
  • Youtube
 
Home / News / India News / UIDAI denies claims of Aadhaar data breach on Indane's systems
India

UIDAI denies claims of Aadhaar data breach on Indane's systems

UIDAI denies claims of Aadhaar data breach on Indane's systems
Written by Bhavika Bhuwalka
Mar 25, 2018, 01:34 pm 3 min read
UIDAI denies claims of Aadhaar data breach on Indane's systems
Credits:

The UIDAI has denied the claims of an Aadhaar data breach on the systems run by state-owned utility company Indane. Earlier, a report by ZDNet suggested that the Aadhaar details of all registered Indane customers were exposed online and could be accessed by anyone. UIDAI said that "there is no truth in this story" and that they were "contemplating legal action against ZDNet."

Context
Report claimed Indane's unsecured API put Aadhaar data at risk

The report claimed that Indane's API wasn't secure, allowing access to personal information like names, unique 12-digit Aadhaar numbers, and bank names related to those Aadhaar numbers. "The affected endpoint uses a hardcoded access token, which, when decoded, translates to 'INDAADHAARSECURESTATUS,' allowing anyone to query Aadhaar numbers against the database without any additional authentication," the report said.

Quote
Aadhaar biometric data not easy to hack: UIDAI

Last week, UIDAI CEO Ajay Bhushan Pandey said, "Each Aadhaar biometric is encrypted by a 2048-key combination and to decode it, the best and fastest computer of our era will take the age of the universe just to hack into one card's biometric details."

Response
UIDAI threatens legal action against ZDNet

"One must understand that the Aadhaar number is not a secret number," UIDAI explained. "Mere availability of Aadhaar number with a third person will not be a security threat to the Aadhaar holder or will not lead to financial/other fraud, as for any transaction, a successful authentication through fingerprint, Iris or OTP of the Aadhaar holder is required," it added.

Background
Indane's endpoint vulnerability discovered by Delhi-based security researcher

The ZDNet report said the endpoint vulnerability was discovered by Delhi-based security researcher Karan Saini. He claimed that since Indane has access to the entire Aadhaar database through an unsecured API, information of all Aadhaar holders was at risk. Hackers can go through endless permutations to guess an Aadhaar number and steal its corresponding information since the API doesn't employ rate limiting, Saini added.

Claims
Informed government of the data breach a month ago: ZDNet

ZDNet said that it had informed the government of the alleged data breach a month ago but received no response regarding the same. It then contacted the Indian Consulate in New York and Devi Prasad Misra, consul for trade and customs, but to no avail. However, ZDNet claims that within hours of publishing the story, the affected endpoint was taken offline.

Information
Earlier, security researcher hacked Aadhaar to access 22,000 card details

Aadhaar has been continuously in the news regarding security vulnerabilities. Earlier, French security researcher Elliot Alderson hacked into the Aadhaar Android app within a minute and reportedly gained access to 22,000 card details. Notably, Aadhaar is the world's biggest database with over 1.1 billion users.

Share this timeline
Facebook
Whatsapp
Twitter
Linkedin
Bhavika Bhuwalka
Bhavika Bhuwalka
Mail
Latest
Aadhaar Card
Data Leak
Elliot Alderson
Unique Identification Authority of India
ZDNet
Latest
Apple AirPods Pro (2nd generation) to feature Type-C port
Apple AirPods Pro (2nd generation) to feature Type-C port Technology
England vs India, 5th Test: Day 4 report and stats
England vs India, 5th Test: Day 4 report and stats Sports
2022 Wimbledon: Simona Halep beats Paula Badosa, reaches quarter-finals
2022 Wimbledon: Simona Halep beats Paula Badosa, reaches quarter-finals Sports
Rohit Sharma vs England: Decoding his stats in white-ball cricket
Rohit Sharma vs England: Decoding his stats in white-ball cricket Sports
Akasa Air boasts new crew uniforms as youthful, eco-friendly
Akasa Air boasts new crew uniforms as youthful, eco-friendly Business
Aadhaar Card
What is masked Aadhaar, how to download it
What is masked Aadhaar, how to download it India
Centre issues notification on linking Aadhaar with voter ID
Centre issues notification on linking Aadhaar with voter ID India
Centre withdraws advisory to use masked Aadhaar at public places
Centre withdraws advisory to use masked Aadhaar at public places India
Govt plans one unique ID to access multiple digital IDs
Govt plans one unique ID to access multiple digital IDs India
Government to provide consent form for sharing of Aadhaar details
Government to provide consent form for sharing of Aadhaar details India
More News
Data Leak
Cyberattack targets Acer's Indian aftersales systems, steals 60GB of data
Cyberattack targets Acer's Indian aftersales systems, steals 60GB of data Technology
Here's why security researchers think Amazon's Astro bot isn't safe
Here's why security researchers think Amazon's Astro bot isn't safe Technology
Researcher discovers FBI terrorist watchlist exposed online for three weeks
Researcher discovers FBI terrorist watchlist exposed online for three weeks Technology
T-Mobile investigating alleged data hack affecting 100 million customers
T-Mobile investigating alleged data hack affecting 100 million customers Technology
Government claims Co-WIN data of 150 million Indians wasn't leaked
Government claims Co-WIN data of 150 million Indians wasn't leaked Technology
More News
Elliot Alderson
Aarogya Setu 'most secure app', says government amid privacy concerns
Aarogya Setu 'most secure app', says government amid privacy concerns India
#WeeklyRecap: New MacBook, Surface notebooks, Unacademy breach, and more
#WeeklyRecap: New MacBook, Surface notebooks, Unacademy breach, and more Technology
Aarogya Setu for feature phone, landline: How to use it
Aarogya Setu for feature phone, landline: How to use it Technology
Hacker flags 'security issue' in Aarogya Setu, government responds
Hacker flags 'security issue' in Aarogya Setu, government responds Technology
Dating app for Trump fans leaks users' data on launch-day
Dating app for Trump fans leaks users' data on launch-day World
More News
Unique Identification Authority of India
Aadhaar: No fingerprint, eye scan for children under 5 years
Aadhaar: No fingerprint, eye scan for children under 5 years India
#TechBytes: 4 handy features in UIDAI's new mAadhaar app
#TechBytes: 4 handy features in UIDAI's new mAadhaar app Technology
You'll be fined Rs. 10,000, if you give wrong PAN
You'll be fined Rs. 10,000, if you give wrong PAN Business
Now, apply for instant e-PAN using Aadhaar. Here's how
Now, apply for instant e-PAN using Aadhaar. Here's how Business
Government doesn't know what it spent to make one Aadhaar
Government doesn't know what it spent to make one Aadhaar India
More News
ZDNet
Garmin suffers massive outage, leaving fitness devices disconnected
Garmin suffers massive outage, leaving fitness devices disconnected Technology
This malware can steal passwords, card data from 300+ apps
This malware can steal passwords, card data from 300+ apps Technology
Critical security vulnerability detected in top antivirus apps
Critical security vulnerability detected in top antivirus apps Technology
20 million Aptoide app store users compromised in data leak
20 million Aptoide app store users compromised in data leak Technology
Microsoft Surface Neo and Windows 10X launch postponed beyond 2020
Microsoft Surface Neo and Windows 10X launch postponed beyond 2020 Technology
More News
Next News Article
Next News Article

Love India news?

Subscribe to stay updated.

India Thumbnail
India News Business News World News Politics News Sports News Technology News Entertainment News Auto News Lifestyle News Inspirational News
Career News Bengaluru News Delhi News Mumbai News Mukesh Ambani Indian Premier League (IPL) Karnataka Samsung Xiaomi West Bengal
Bihar Virat Kohli Rohit Sharma Haryana Narendra Modi Arvind Kejriwal Tamil Nadu Gujarat Yogi Adityanath YouTube
Instagram Hollywood News Uttar Pradesh Kerala Netflix Bollywood News Mamata Banerjee Maruti Suzuki Rahul Gandhi Elon Musk
Shah Rukh Khan Chelsea FC OPPO Akhilesh Yadav Indian Cricket Team Apple Manchester United Salman Khan Cryptocurrency OnePlus
Amitabh Bachchan ICC Women's World Cup Vivo India vs Sri Lanka
About Us Privacy Policy Terms & Conditions Contact Us Ethical Conduct Grievance Redressal News News Archive Topics Archive IPL 2022 Schedule IPL 2022 Points Table Find Cricket Statistics
Follow us on
Facebook Twitter Linkedin Youtube
All rights reserved © NewsBytes 2022