Aadhaar came into existence in the year 2009. Since then every citizen of India is provided with a unique Id number which would distinct him/her from the entire population. A 12 digit number has been provided to every person, through biometric and demographic data of that particular individual.
There have been various merits which resulted out of the commencement of the Aadhaar idea. Though, just like any other thing, the Aadhaar system is also prone to the negativities of the world. There have been quite a lot of instances when the personal data from Aadhaar has been hacked and leaked onto the internet. One among such scams has been reported to be done by the company LPG. Such kind of unprotected third-party database has been releasing the personal details of customers including their Aadhaar number for a long time.
The French researcher
A name has been trending since a few years to have hacked and discovered a loophole in the security system of aadhaar. He goes by the name Baptiste Robert and has a Twitter handle namely Elliot Alderson. He had previously leaked data from Aadhaar and released it to the public, stating the kind of a loophole he has found in the system of Aadhaar.
The story starts with, there is an Indian hacker or researcher who had discovered the fault in the system and contacted Robert out of sheer panic as he has always been in the heading. Upon sharing the information with Robert, he discovered that there has actually been a fault and that attackers can fetch the data of millions of Indian if they manage to know the usernames of every employee.
The usernames were as well more than easy to obtain which was a result of a vulnerability of the Indane’s official website. Through the same Robert could find around 11, 062 valid dealer’s ID. Among all the Ids discovered, he went on to use a number of 9490 Ids which he used against the company, to fetch out the data including aadhaar numbers, names and residential address.
He first decided to show the company his findings, but upon failing to obtain a response from the company, he decided to disclose it publicly and he did the same on 19th February. The Indian researcher who is the initiator of this reform has actually chosen to stay anonymous and hence Robert has been making all the public appearances.
The company’s response
When contacted the company about the same, it has denied accepting any kind of allegations. A statement was made by Indian Oil Corp Ltd, which owns Indane, through a social media platform known as Twitter. The statement read: – “There is no leak of Aadhaar data through Indane website.” When acknowledgement was asked to make of the security breach, the company instead tried to pass on the blame onto the Aadhaar company by saying that – Indian Oil captures on the Aadhar number of the person through its software and that to just to transfer LPG subsidiary.
Aadhaar data which was leaked by a French researcher in collaboration with an anonymous India researcher has been denied to be the fault of the company as the company states it is not possible to be leaked through their end.
Author: Prachi K
Technical Writer, Branding Executive – Hackers Interview. Prachi has professional experience in the area of Branding and Article writing.