STREAMING NOW: Watch Now

Alleged breach of India's biometric database could put 1.2bn users at risk

The Indian government has announced new security measures following reports of an alleged security breach in the coun...

Posted: Jan 12, 2018 11:55 AM
Updated: Jan 12, 2018 11:55 AM

The Indian government has announced new security measures following reports of an alleged security breach in the country's vast biometric database, which contains the personal details of 1.2 billion Indian citizens.

The announcement comes a full seven days after journalist Rachna Khaira first identified the alleged breach in an article in the Tribune newspaper, in which it was claimed reporters were able to buy access to citizens' personal details, such as names, addresses, phone numbers and even photos, via an anonymous WhatsApp account for as little as $8.

The database, known officially as Aadhaar, was launched in 2009 as a voluntary program intended to help prevent benefit fraud, it has since grown, and is now home to the collected data -- including fingerprints and iris scans -- of more than a billion Indians, or upwards of 90% of the entire population.

Users are issued with a personal 12-digit identity number which they can then use to access welfare payments, and other government controlled services.

Authorities have been widely criticized for their handling of the allegations, which if proven correct, could expose users to identity fraud and privacy invasions.

The Unique Identification Authority of India (UIDAI), which is responsible for maintaining the database, initially denied the claims, dismissing the Tribune story as "clearly a case of misreporting being incorrect and misleading."

This was followed by a tweet from the official account of the ruling Bharatiya Janata Party (BJP) referring to the report as "fake news," last Thursday.

A day after Khaira's report, the UIDAI filed a police complaint against her, the Tribune newspaper, and the anonymous individuals who allegedly provided them with access to the database, a move that served only to inflame the crisis further, and stoke wider concerns over diminishing press freedoms.

Reporters Without Borders (RSF), the Paris-based NGO which publishes an annual index of press freedom, last year ranked India at 136 out of 180 countries, down 3 places from the previous year, and lagging behind the likes of Myanmar, Colombia and even Zimbabwe.

The controversy led Edward Snowden, the former US National Security Agency contractor and high profile whistle blower, to weigh in with a tweet offering his support to Khaira, Tuesday.

"The journalists exposing the #Aadhaar breach deserve an award, not an investigation. If the government were truly concerned for justice, they would be reforming the policies that destroyed the privacy of a billion Indians. Want to arrest those responsible? They are called @UIDAI," said Snowden.

The agency quickly backtracked, and by late Tuesday afternoon had tweeted its support for press freedoms and its apparent willingness to work with the Tribune to investigate the problem.

It remains unclear, however, whether the UIDAI has in fact dropped its police complaint against Khaira.

Security measures

The newest government security measures, announced late Wednesday, will allow users to generate a randomly-generated virtual ID or token to avoid sharing their direct Aadhaar number for authentication, according to the government notice. A second security measure prevents secondary agencies from storing an individual's Aadhaar number.

Experts say the move will go some way in addressing issues raised in the Tribune report, as well as broader safety concerns.

Amber Sinha, a senior program manager at the Centre for Internet and Society, a research institute based in Delhi and Bangalore described the government's announcement as a welcome measure.

"There have been various kinds of security incidents, but tokenization can definitely address some of them," said Sinha.

According to Sinha, the database's biometric data, which contains the most sensitive information, such as retinal scans, has not been breached and reports in the press are related to demographic data, which can also exist in separate databases, owned by different government agencies or state governments.

Though implemented under the previous administration, Prime Minister Narendra Modi's government has championed the database, and pushed to make Aadhaar cards mandatory.

The new security measures come a day after a report from a research institute affiliated with the Reserve Bank of India labeled the database "a prime target."

"Thanks to Aadhaar, for the first time in the history of India, there is now a readily available single target for cyber criminals as well as India's external enemies ... The loss to the economy and citizens in case of such an attack is bound to be incalculable," said the report by the Institute for Development and Research in Banking Technology.

While the authorities did not cite a specific reason for the new security measures, they did say there were "heightened privacy concerns," according to the statement from the Ministry of Electronics and Information Technology.

West Lafayette
Clear
63° wxIcon
Hi: 77° Lo: 52°
Feels Like: 63°
Kokomo
Clear
60° wxIcon
Hi: 75° Lo: 51°
Feels Like: 60°
Rensselaer
Clear
57° wxIcon
Hi: 75° Lo: 50°
Feels Like: 57°
Fowler
Clear
57° wxIcon
Hi: 75° Lo: 51°
Feels Like: 57°
Williamsport
Clear
60° wxIcon
Hi: 76° Lo: 50°
Feels Like: 60°
Crawfordsville
Clear
58° wxIcon
Hi: 76° Lo: 51°
Feels Like: 58°
Frankfort
Broken Clouds
56° wxIcon
Hi: 75° Lo: 51°
Feels Like: 56°
Delphi
Clear
56° wxIcon
Hi: 76° Lo: 51°
Feels Like: 56°
Monticello
Clear
56° wxIcon
Hi: 77° Lo: 51°
Feels Like: 56°
Logansport
Clear
55° wxIcon
Hi: 75° Lo: 50°
Feels Like: 55°
Mainly Dry and Warmer Rest of the Week.
WLFI Radar
WLFI Temps
WLFI Planner

Indiana Coronavirus Cases

Data is updated nightly.

Confirmed Cases: 112626

Reported Deaths: 3520
CountyConfirmedDeaths
Marion20832759
Lake10292318
Elkhart6415109
St. Joseph6156102
Allen6029200
Hamilton4724109
Vanderburgh344530
Hendricks2673122
Monroe247436
Tippecanoe226913
Johnson2268123
Clark215056
Porter207845
Cass19329
Delaware188261
Vigo178123
Madison159575
LaPorte137739
Floyd131461
Howard128563
Kosciusko120217
Warrick119936
Bartholomew115357
Marshall98924
Dubois95418
Boone95146
Hancock91143
Grant89133
Noble89132
Henry77024
Wayne74414
Jackson7409
Morgan70038
Shelby66529
Daviess64427
Dearborn63228
LaGrange63111
Clinton59212
Harrison56024
Putnam53710
Lawrence50528
Montgomery50521
Knox5019
Gibson4854
White48114
DeKalb45611
Decatur45439
Miami4263
Fayette41813
Greene41835
Jasper3862
Steuben3707
Scott35610
Sullivan33012
Jennings31212
Posey3060
Franklin29925
Clay2935
Orange28524
Ripley2838
Carroll27013
Wabash2618
Washington2611
Starke2537
Whitley2526
Wells2482
Adams2453
Jefferson2443
Fulton2342
Huntington2223
Tipton21722
Spencer2153
Perry21413
Randolph2087
Jay1730
Newton17111
Owen1651
Martin1640
Rush1524
Pike1401
Vermillion1260
Fountain1182
Pulaski1151
Blackford1133
Crawford1030
Brown1023
Parke941
Benton880
Union770
Ohio767
Switzerland700
Warren391
Unassigned0225

COVID-19 Important links and resources

As the spread of COVID-19, or as it's more commonly known as the coronavirus continues, this page will serve as your one-stop for the resources you need to stay informed and to keep you and your family safe. CLICK HERE

Closings related to the prevention of the COVID-19 can be found on our Closings page.

Community Events