Home » National News » Alert! UIDAI's Aadhaar software hacked, ID database compromised, claims Congress

Alert! UIDAI's Aadhaar software hacked, ID database compromised, claims Congress

Speed News Desk | Updated on: 11 September 2018, 16:36 IST

Amidst the following reports on Aadhaar data breach, the opposition party led by Rahul Gandhi claims that the UIDAI's Aadhaar software has been hacked. Congress said the sanctity of the unique identification system was jeopardized.

The Congress's remarks on Aadhaar being hacked came after an investigation by HuffPost India revealed that the Aadhaar database, which contains the biometrics and personal information of over one billion Indians, "had been compromised by a software patch which disables critical security features of the software used to enroll new Aadhaar users".

According to reports, any unauthorized person from anywhere across the world can generate its Aadhaar ID using the patch which is freely available for Rs 2,500.

"The hack of the Aadhaar enrolment software jeopardizes the sanctity of the Aadhaar database. We hope the authorities will take the appropriate moves to secure future enrolments and verify the suspect enrolments," the Congress said in a tweet.

French Security expert Elliot Alderson, who triggered controversy by asking UIDAI to explain why its helpline number was stored on many people's phone without their knowledge. It also joined in the conversation by asking the UIDAI to work with the hackers to plug the breach.

"I repeat it: NOTHING IS UNHACKABLE. It does apply for Aadhaar. UIDAI, it's never too late. Listen and work with hackers instead of threatening them. History is looking to you," he said. According to the HuffPost report, "the patch lets a user bypass critical security features such as biometric authentication of enrolment operators to generate unauthorized Aadhaar numbers".

"The patch reduces the sensitivity of the enrolment software's iris-recognition system, making it easier to spoof the software with a photograph of a registered operator, rather than requiring the operator to be present in person," the report said.

First published: 11 September 2018, 16:22 IST