Sunday, July 3, 2022
HomeTechAadhaar Knowledge of Farmers Uncovered by a Authorities Web site: Researcher

Aadhaar Knowledge of Farmers Uncovered by a Authorities Web site: Researcher


Aadhaar information of a lot of farmers was leaked by a authorities web site designed for the welfare of the agriculture sector in India, a safety researcher has reported. The web site, known as PM Kisan, permits the federal government to distribute grants to farmers beneath the Pradhan Mantri Kisan Samman Nidhi programme. Nevertheless, because of a problem, one in every of its elements was publicly exposing Aadhaar numbers of enrolled farmers. The web site has registered over 110 million farmers since its launch in 2019.

Safety researcher Atul Nair stated in a publish on Medium that part of the PM Kisan web site was leaking the Aadhaar variety of its registered farmers.

“The web site offers an endpoint, which returns details about the beneficiary. This endpoint was additionally sending Aadhaar numbers,” Nair informed IHNS.

The problem was first noticed by the researcher in late January and was reported by India’s Laptop Emergency Response Workforce (CERT-In). Shortly after receiving the report, the nodal company forwarded the small print to the involved authorities. They, nonetheless, apparently took some months to repair the publicity.

Nair wrote in his publish that the difficulty was fastened in late Could. He informed IHNS that he had confirmed that the difficulty was now not reproducible.

Nevertheless, it isn’t confirmed whether or not an attacker was capable of breach the information till it obtained fastened.

CERT-In appreciated the researcher for reporting the difficulty, although it didn’t explicitly affirm the repair or whether or not the information was not breached.

IHNS has reached out to the Nationwide Informatics Centre (NIC) — the developer and maintainer of the PM Kisan web site. This text will probably be up to date when the division responds.

Aadhaar numbers of people within the nation will not be of confidential nature, per the Distinctive Identification Authority of India (UIDAI) — the statutory authority that’s mandated to subject the 12-digit uniquely recognized numbers. Nonetheless, it does prohibit customers from sharing Aadhaar playing cards on public platforms.

That is notably not the primary time when the Aadhaar information of people was uncovered by a authorities web site. In 2019, the Jharkhand authorities reportedly uncovered the distinctive identification numbers of its 1000’s of staff.

A couple of days later, state-owned liquid petroleum gasoline (LPG) producer Indane had additionally allegedly uncovered Aadhaar particulars of hundreds of thousands of its shoppers.


RELATED ARTICLES

Most Popular