Aadhaar Leak: Jharkhand Government Reportedly Exposed Details of Thousands of Workers

Share on Facebook Tweet Share Reddit Comment
Aadhaar Leak: Jharkhand Government Reportedly Exposed Details of Thousands of Workers

Jharkhand government was running an unprotected Aadhaar-based attendance system on its website

Highlights
  • Over a lakh Aadhaar numbers seem to have been left unprotected
  • The database also leaked names, designations, and photos of workers
  • The website seems to have been taken down now

Joining the growing list of infamous Indian governmental institutions and agencies, Jharkhand government has allegedly been spotted leaking the Aadhaar numbers and other personal details of thousands of governments workers on its website. The online system being used by the government to manage the attendance of all of the governmental workers in the state reportedly had no security protections and the webpages with personal details of employees were easily accessible to anyone who knew where to look for. The website is currently inaccessible.

According to a report by TechCrunch, the Web-based attendance system of the Jharkhand government has been left unprotected at least as far back as 2014. It offered details like government worker name, their photo, designation, partial phone numbers, and the Aadhaar number. The Aadhaar numbers were  not directly listed on the webpage, but the website was fetching the image of the workers by sending their Aadhaar number, which are clearly visible in the URL of the image link.

The report adds that the attendance system was hosted on a sub-domain of the official website of the Jharkhand government and the same was even indexed in Google, making its accidental discovery quite possible for anyone. The cache pages of the individual government employee attendance records can be easily found in the search giant's index. Further, anyone with even the basic knowledge of coding could scrape the entire website very easily, the report claimed citing a security researcher. Over a lakh Aadhaar numbers are said to have been left unprotected.

aadhaar example leak Aadhaar Leak

Photo Credit: TechCrunch

 

TechCrunch was reportedly able to verify the authenticity of the Aadhaar numbers found on the Jharkhand government website by the checking the same using UIDAI's official tool.

Although the latest leak isn't directly related to the Unique Identification Authority of India (UIDAI), the agency that manages Aadhaar infrastructure in the country, it shows how the Aadhaar data can become so easily vulnerable even when in hands of other governmental agencies. Also, the mere leak of Aadhaar numbers doesn't seem very alarming, but such a database has the potential of being used by malicious parties for social engineering hacks.

Previously, an unnamed government-owned utility service provider, several government websites, and more have been found to be leaking Aadhaar related information.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Gaurav Shukla Paranoid about online surveillance, Gaurav believes an artificial general intelligence is one day going to take over the world, or maybe not. He is a big ‘Person of Interest’ fan. More
Budget 2019: National Artificial Intelligence Portal Announced, to Help Boost Sector
India's New Foreign Direct Investment Rules for E-Commerce: All You Need to Know
 
 

Advertisement

 

Advertisement

© Copyright Red Pixels Ventures Limited 2019. All rights reserved.