Aadhaar, the 12-digit unique identification number that is issued by the Unique Identification Authority of India (UIDAI) has been center of a number of controversies ever since the launch. These controversies include user data privacy, security of the stored biometric data, and a stream of leaks. According to a new report, another instance of Aadhaar data leak has been spotted where a state government in India was careless enough to leave data of thousands of its workers exposed without any password. As part of the report, the government of Jharkhand left data of 1,66,000 workers exposed along with other important bits such as names, job titles, and partial phone numbers.
This leak was initially reported by TechCrunch which stated that the data was left exposed since 2014. The leaked data was located on a government system that was used to record attendance of government workers in the state. What was even more surprising was that the IT system used the 12-digit unique number as the file name of photos on each page in the record. The report noted that even though Aadhaar numbers are not as confidential as a credit or debit card, they still pose a risk of identity theft if not kept closely guarded.
Watch: Microsoft Surface Go First Look
The reason one should care about their Aadhaar number is that anyone can use it along with thumbprints to make use of benefit schemes from the state while enrolling in a number of services including voting, welfare, and financial assistance. Users can also use the number to open a new bank account, get a new SIM connection, and even use it to verify their identity.
Researchers reached out the government and UIDAI after confirming their findings but they did not receive any response from both the government organizations. Though it looks like the website is currently not accessible. This comes hours after TechCrunch confirmed that the Aadhaar numbers available on the system were valid with the help of a verification tool by UIDAI. This shows that contrary to the claims by the government and UIDAI that Aadhaar is secure, it is easy for hackers to get on the data without much work and lax security measures from other government agencies.