India’s Entire Aadhaar Data Breached: One Billion Identities Out For Sale

aadhaar-mobile-reuters

In perhaps the biggest identity data breach in history, India’s entire Aadhaar data has been breached by fraudsters and over one billion Aadhaar details that includes name, address, postal code (PIN), photo, phone number and email are on sail for just Rs 500. Unique Identification Authority of India’s (UIDAI) Central Identities Data Repository (CIDR) is the biggest collection of identities on earth that includes a person’s biometric data.

The story was broken by the news paper The Tribune. The Tribune “purchased” a service being offered by anonymous sellers over WhatsApp that provided unrestricted access to details for any of the more than 1 billion Aadhaar numbers created in India thus far.

According to the report:

It took just Rs 500, paid through Paytm, and 10 minutes in which an “agent” of the group running the racket created a “gateway” for this correspondent and gave a login ID and password. Lo and behold, you could enter any Aadhaar number in the portal, and instantly get all particulars that an individual may have submitted to the UIDAI (Unique Identification Authority of India), including name, address, postal code (PIN), photo, phone number and email.

What is more, The Tribune team paid another Rs 300, for which the agent provided “software” that could facilitate the printing of the Aadhaar card after entering the Aadhaar number of any individual.

The people selling the data seem to have access to the website of the Government of Rajasthan. According to the Tribune report “the “software” provided access to “aadhaar.rajasthan.gov.in”, through which one could access and print Aadhaar cards of any Indian citizen.”

The report gives a run down on how this data breach was unearthed

A quick chat, and full access

12:30 pm: This correspondent posing as ‘Anamika’ contacted a person on WhatsApp number 7610063464, who introduced himself as ‘Anil Kumar’. He was asked to create an access portal.

12:32pm: Kumar asked for a name, email ID and mobile number, and also asked for Rs 500 to be credited in his Paytm No. 7610063464.

12:35 pm: This correspondent created an email ID, [email protected], and sent mobile number ******5852 to the anonymous agent.

12:48 pm: Rs 500 transferred through Paytm.

12:49 pm: This correspondent received an email saying, “You have been enrolled as Enrolment Agency Administrator for ‘CSC SPV’. Your Enrolment Agency Administrator ID is ‘Anamika_6677’.” Also, it was said that a password would be sent in a separate mail, which followed shortly.

12:50 pm: This correspondent had access to the Aadhaar details of every Indian citizen registered with the UIDAI.

Printing Aadhaar card

This correspondent later again approached Anil Kumar to ask for software to print Aadhaar cards. He asked for Rs 300 through Paytm No. 8107888008 (in the name of ‘Raj’). Once paid, a person identifying himself as Sunil Kumar called from mobile number 7976243548, and installed software on this correspondent’s computer by accessing it remotely through “TeamViewer”. Once the job was done, he deleted the software drivers, even from the recycle bin.

Using a fraudulent Aadhaar card,  fraudsters or even terrorists may buy a mobile SIM card in your name.  Bank accounts can also be opened in anyone’s name.

The same tribune report said, “last month, a man was arrested in Jalandhar for withdrawing money from someone’s bank account by submitting a fake Aadhaar card.”

On the 24th of August, 2017 a nine-judge bench of the Supreme Court of India had pronounced in a landmark judgement that privacy is a fundamental right. This data breach a violation of fundamental right of over one billion Indian’s.

By this breach majority of India’s population’s identity is at risk.

Support Countercurrents

Countercurrents is answerable only to our readers. Support honest journalism because we have no PLANET B.
Become a Patron at Patreon

Join Our Newsletter

GET COUNTERCURRENTS DAILY NEWSLETTER STRAIGHT TO YOUR INBOX

Join our WhatsApp and Telegram Channels

Get CounterCurrents updates on our WhatsApp and Telegram Channels

Related Posts

Aadhaar Needs To Be Questioned And Resisted

The Indian government has proposed changes the regulations around Aadhaar to allow private entities to conduct Aadhaar-based verification with its permission. On April 20, 2023, the government amended the Aadhaar…

Join Our Newsletter


Annual Subscription

Join Countercurrents Annual Fund Raising Campaign and help us

Latest News