There has been growing concern following reports suggesting 6000 Indian businesses and government agencies was up for sale on the Internet. This was put to rest on Wednesday when the Unique Identification Authority of India (UIDAI) denied any such claims confirming all records in the database were safe and there has been no data breach.
In an official statement from the UIDAI, a statutory authority collecting and maintaining the world’s largest biometric ID system said – the reported breach “does not contain any confidential data of UIDAI and has not affected any services provided by the authority.”
By the end of August 14, 2017, there have been around 117 crores Indian enrolled for Aadhaar for direct benefits, other subsidies, and services by the government.
The statement said – “The UIDAI constantly strengthens and reviews its infrastructure and ecosystems in line with the best international security practices and technological standards and have multi-layered security and privacy considerations built into the core strategy of Aadhaar with three basic doctrines of minimal information, optimal ignorance and federated database which give higher level of security.”
The statement was in response to the statement made by the global IT security firm Quick Heals Enterprise Security brand Seqrite Cyber Intelligence Labs which claimed to have discovered an advertisement on DarkNet forum.
According to Seqrite Cyber Intelligence Labs the advertisement claims to have access to data of over 6,000 Indian businesses that include Internet Service Providers (ISPs), some key government organisations, banks and enterprises.
The information was discovered by Seqrite Cyber Intelligence Labs, along with its partner seQtree InfoServices, who discovered the advertisement by an unknown hacker who priced the information at 15 Bitcoins (nearly Rs 42 lakh).
The organisation in the line of fire were UIDAI, Idea Telecom, Bombay Stock Exchange (BSE), Flipkart, DRDO, Aircel, Reserve Bank of India, BSNL, SBI, TCS, ISRO, ICICI Prudential Mutual Fund, VMWare, Employees’ Provident Fund Organisation and various Indian state government portals.
Reacting to the possible cyber threat the UIDAI said it was well equipped with robust security controls and protocols to counter any attempts or malicious designs of data breach or hacking.
“Security of Aadhaar is of critical importance to the government and the UIDAI has given it paramount significance.”