UIDAI Makes Contradictory Claims In Tweetstorm About Aadhaar Security Threats

Over 71 Crore Mobile Numbers Linked with Aadhaar IT Minister Ravi Shankar Prasad

Time and again, the security of Aadhaar has been proclaimed as the all-time in the world by UIDAI and the Indian government has called it impenetrable on every occasion of breach or vulnerability. Several security researchers have pointed at the government's imperfect impression of what the give-and-take "impenetrable" means, and equally a result Aadhaar has gone from a tool of empowerment to a grave national identity crisis.

And now, UIDAI'south Twitter account was engaged in a ping-pong game of arraign and defence force – itself being the only actor, claiming that "unscrupulous elements" have been trying to paint an wrong image of the unique identification ID's security. UIDAI posted a tweetstorm with more than 10 tweets, hit out at those who question the security of Aadhaar basis internet reports. The series of tweets follows discovery of vulnerable government websites leaking Aadhar data past Baptiste Robert, aka Elliot Alderson on Twitter.

Yesterday, I found 20K+ #Aadhaar cards with a manual search. @UIDAI: Do I need to create a Twitter bot which is doing this work automatically and publish the effect on Twitter to accept a reaction from your side?

— Baptiste Robert (@fs0c131y) March eleven, 2018

UIDAI has advised people not to get confused with such reports which are far from the truth and intended to spread misinformation on India's robust identity organization – Aadhaar – unnecessarily. 2/n

— Aadhaar (@UIDAI) March 11, 2018

Although UIDAI didn't explicitly target Robert aka Alderson in their tweets, the timing left picayune doubt every bit to the intended recipient of their ire. Robert said he notified UIDAI that he got access to more than twenty,000 Aadhaar cards by doing a manual search. In the recent by, Alderson had been chasing cybersecurity bug in Indian digital infrastructure and has especially been enticed past the flaws in Aadhaar's security.

In its latest defence of the system, UIDAI boldly called Aadhaar a "robust" system, reiterating that simply knowing Aadhaar number is not plenty to leak private data of citizens which is linked to Aadhaar. The organisation as well falsely claimed that in that location has not been a single breach of UIDAI's database since its inception eight years agone, perhaps ignoring the auction of a billion-plus Aadhaar numbers for Rs 500. In its tweet, UIDAI said that someone cannot "impersonate and harm" another citizen fifty-fifty later on securing their unique Aadhaar ID. However, in the same breath information technology as well asked citizens to keep Aadhaar number secure. Accept a look at the contradictory tweets below. In i, UIDAI claims that Aadhaar is not to be treated every bit a confidential document but in the next tweet advises that it must not exist shared to protect the privacy of the individual.

Aadhaar just similar any other identity document, therefore, is never to be treated as a confidential document. 4/n

— Aadhaar (@UIDAI) March 11, 2018

Although Aadhaar has to be shared with others, it beingness a personal information similar mobile number, bank business relationship number, PAN carte, passport, family details, etc, should be unremarkably protected to ensure privacy of the person. 5/northward

— Aadhaar (@UIDAI) March xi, 2018

Dorsum in May final twelvemonth, the Middle for Cyberspace and Society reported that Aadhaar information of 13 crore citizens had been compromised, with bank details of at to the lowest degree 10 crore citizens being leaked. The Hindu Business Line had reported that equally of Apr 2017, there had every bit many equally 21 "reported" breaches. In addition, private companies have been misusing privileges of using Aadhaar for KYC by forcefully enrolling new bank accounts. And even though Airtel was fined Rs v crore last week for this transgression, it pales in comparison to the financial security threat posed by Aadhaar'south misuse past hackers.

All in all, UIDAI blamed citizens for sharing their Aadhaar details even when government agencies refuse to do work without information technology. If the UIDAI continues to abscond from responsibleness and refuses to accept the mistakes in Aadhaar security, Indian citizens are in far greater problem than we imagined. Meanwhile, as we try to unravel the mysteriously tucked significant in these tweets, y'all can check where has your Aadhaar been used for UID hallmark by visiting this link.