Local news sites in India are reporting that the government's biggest citizen database, which holds demographic data from roughly 1.2 billion people, has been compromised.
In 2010 India started scanning personal details like names, addresses, dates of birth, mobile numbers, and more, along with all 10 fingerprints and iris scans of its 1.3 billion citizens, into a centralized government database called Aadhaar to create a voluntary identity system. On Wednesday this database was reportedly breached.
According to BuzzFeed, a local Indian news portal got in touch with a certain person which goes under the pseudonym Anil Kumar via WhatsApp, and paid him roughly $8 to get access to Aadhaar, a centralised government citizen database.
Kumar was able to create unique login credentials which the journalists used to access the database. Allegedly, it holds information like names, addresses, dates of birth, or mobile numbers. Apparently, whoever gets invited into the system by an administrator, can create valid login credentials themselves.
The government agency responsible for the entire system called it a “major national security breach”, however other government sources have denied the claims, saying the database is fully secured.
India’s Narendra Modi-led Bharatiya Janata Party dismissed everything as “fake news”. In a statement provided to BuzzFeed News, the UIDAI said it “denied” the Tribune report and that “Aadhaar data including biometric information is fully safe and secure.” The agency added that the journalists had misused the database search mechanism available only to government officials. It also said it would sue.
e-End operates a secure facility in Frederick, MD, specializes in destroying a wide variety of classified data and various controlled devices. This includes destruction of data containing hard drives, destruction of itar controlled devices, it equipment, and tactical military devices. They routinely destroy body armor that has reached the end of its certified period of use.