New Delhi: Dismissing reports about a fresh data leak of Aadhaar holders, the Unique Identification Authority of India on Saturday maintained that the biometric ID programme remains “safe and secure”. “There is no truth in this story as there has been absolutely no breach of UIDAI’s Aadhaar database,” the UIDAI clarified.
The UIDAI response came hours after ZDNet, an online portal, reported that a data leak on a system run by a state-owned utility company can allow access to private information of Aadhaar holders, exposing their names, their unique 12-digit identity numbers, and their bank details.
While withholding the name of the utility and other details, the report said the security lapse remains to be fixed despite being flagged to some government agencies over a period of time. The report quoted Karan Saini, a New Delhi-based security researcher, as saying that anyone with an Aadhaar number was affected.
The UIDAI said that the story sourced from ZDNet relating to Aadhaar database is totally baseless, false and irresponsible. The news report had stated that the database of the state utility company containing its customer details such as bank account numbers, consumer number, 12-digit Aadhaar number could be made accessible to outsiders and hence misused. Questioning this claim, the UIDAI, in its press release said, “Even if the claim purported in the story were taken as true, it would raise security concerns on database of that Utility Company and has nothing to do with security of UIDAI’s Aadhaar database.
If one goes by the logic of ZDNet’s story, since the Utility company’s database also had bank account numbers of its customers, so would that mean that all Indian banks’ databases have been breached? The answer would obviously be in negative.”
They further countered the news report and said the Aadhaar number is not a secret number and mere accessibility to it is not a security threat to the Aadhaar holder. Therefore, the UIDAI claimed that this cannot result in frauds of financial or any other nature as long as the biometrics are safe.
Calling it a misleading information with possible vested interests of those making the claims, the UIDAI advised people to not believe such “false and irresponsible” reports.