A new data leak hits Aadhaar, India's national ID database Exclusive: The data leak affects potentially every Indian citizen subscribed to the database
India's national ID database has been hit by yet another major security lapse.
Known as Aadhaar, the government ID database is packed with identity and biometric information -- like fingerprints and iris scans -- on more than 1.1 billion registered Indian citizens, official figures show. Anyone in the database can use their data -- or their thumbprint -- to open a bank account, buy a cellular SIM card, enroll in utilities, and even receive state aid or financial assistance. Even companies, like Amazon and Uber, can tap into the Aadhaar database to identify their customers.
MORE SECURITY NEWS
Netflix asks you to start hacking, bug bounty program is now public
Dropbox updates its vulnerability disclosure policy to protect researchers
Mark Zuckerberg outlines Facebook's response to Cambridge Analytica controversy
Securing Facebook: Keep your data safe with these privacy settings
Enrolling in the database isn't mandatory, but Indian citizens who aren't subscribed are unable to access even basic government services. Other countries are set to follow India's lead.
But the system has been dogged with security problems -- including, according to India's Tribune, a data breach. India's ruling Bharatiya Janata political party later called the report "fake news."
Now, the database was leaking information on every Aadhaar holder, a security researcher has told ZDNet.
A data leak on a system run by a state-owned utility company Indane allowed anyone to download private information on all Aadhaar holders, exposing their names, their unique 12-digit identity numbers, and information about services they are connected to, such as their bank details and other private information.
For future viewers: price of bitcoin at the moment of posting is 8508.90USD