French security researcher: 20,000 Aadhaar cards available online

According to medianama, French security researcher Baptiste Robert (@fs0c131y) announced through a tweet on Sunday that he found electronic pictures of 20,000 Aadhaar cards on the Indian government and non-governmental agency websites. PDF or jpeg format, and the whole process took only about 3 hours.


Aadhaar currently has the world’s largest biometric database and has collected more than one billion Indian citizens’ iris scans and fingerprints. Prior to this, many security experts and media have questioned the security and privacy of the Aadhaar system. Because of the amount of data it stores, as well as its sensitivity, it does not tolerate any “flash”.

A few hours after Robert issued a tweet, the Unique Identification Authority of India (UIDAI) responded and sent nearly 11 tweets on the matter.

UIDAI reiterated that Aadhaar is still “safe and reliable,” and stated that “in the past eight years, its biometric database has not leaked anything.”

UIDAI rejected the reports on security breaches as “irresponsible” and “away from the truth,” and called Aadhaar “the most credible identity card.” In addition, UIDAI also stressed that the Aadhaar card is just an identity document that people can share openly with others when they need it, and should not be considered confidential.


The UIDAI statement does not seem to have been endorsed by Robert. He wrote in a further reply to UIDAI’s tweet:


It is worth noting that in the past few months, Robert has already reported on security flaws in several Indian government agency websites, including Indian state-owned telecom operator Bharat Sanchar Nigam Limited (BSNL) and Indian Space Research Organisation. , ISRO) website.

Source: medianama