UIDAI calls report on new Aadhaar database leak ‘false, baseless’


New Delhi, Mar 25 (PTI): The Unique Identification Authority of India (UIDAI) on Saturday refuted reports about a fresh data leak of Aadhaar holders, and asserted that there has been “absolutely no breach” of its database.

The statement comes after ZDNet, a technology news portal cited a security researcher’s claim to state that a system of state-owned utility firm was allegedly leaking information on Aadhaar holders.

In a statement issued in New Delhi, UIDAI, the Aadhaar-issuing body, said, “There is no truth in this story as there has been absolutely no breach of UIDAIs Aadhaar database. Aadhaar remains safe and secure”.

It termed the data breach claims as “totally baseless, false and irresponsible”.

“UIDAI today has refuted reports in a certain section of media sourced from the news website ZDNet which has quoted a person purportedly claiming to be a security researcher that a state-owned utility company has vulnerability which can be used to access a huge amount of Aadhaar data including banking details,” UIDAI said in its statement.

The UIDAI has argued that even if the report claims were taken to be true, the security related concerns should be around the database of utility company in question. It has “nothing to do with security of UIDAIs Aadhaar database”, it said.

Going by the logic of the report, since the utility company’s database also had bank account numbers of its customers, would bank databases also be considered to have been breached, UIDAI questioned.

“The answer would obviously be in negative,” it added.

UIDAI argued that mere availability of Aadhaar number with a third person “will not be a security threat to the Aadhaar holder” nor will it lead to financial or other fraud. This is because a transaction is contingent upon a successful authentication through fingerprint, Iris or OTP of the Aadhaar holder, UIDAI said.

The ZDNet report had claimed that “a data leak on a system run by a state-owned utility company can allow anyone to download private information on all Aadhaar holders, exposing their names, their unique 12-digit identity numbers, and information about services they are connected to, such as their bank details and other private information.”

The report of the alleged security lapse comes at a time when a Constitutional bench of the Supreme Court is hearing a clutch of petitions challenging the Aadhaar Act and the use of biometric identifier in various government and non-government services.

Earlier this week, UIDAI CEO Ajay Bhushan Pandey had made a powerpoint presentation in the Supreme Court to defend the government’s ambitious Aadhaar scheme. He had said that breaking Aadhaar encryption may take “more than the age of the universe for the fastest computer on earth.”

  

Top Stories

Comment on this article

  • mohan sr., Mangalore

    Sun, Mar 25 2018

    This fake government only make fake data... fake news.... fake development .... fake promises ... ...
    They cannot do any constructive work..... Full corrupt government Making money by only fake work....

    DisAgree [1] Agree [2] Reply Report Abuse

  • Jossey Saldanha, Mumbai

    Sun, Mar 25 2018

    UIDAI is also using the word FAKE ...

    DisAgree [1] Agree [4] Reply Report Abuse

  • Vincent Rodrigues, Bengaluru/Katapadi

    Sun, Mar 25 2018

    No one to play with privacy of any individual which may be used for wrong purpose anytime.

    DisAgree Agree [3] Reply Report Abuse

  • PEDDA GUNDA, MANGALURU

    Sun, Mar 25 2018

    Dear Udai ! whatever your intentions are but dont play with public privacy which may hacked and leaked !

    We knew that VIP data will be secured but how about general public ! what is the

    DisAgree Agree [5] Reply Report Abuse


Leave a Comment

Title: UIDAI calls report on new Aadhaar database leak ‘false, baseless’



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.