Skip to main content
xYOU DESERVE INDEPENDENT, CRITICAL MEDIA. We want readers like you. Support independent critical media.

Leaked Letter Confirms Aadhaar Data Theft Concerns

Ronak Chhabra |
According to the letter, Employees Provident Fund Organization (EPFO) data has reportedly been stolen by hackers.
Aadhaar

A letter titled ‘Secret’, supposedly written by EPFO Central Provident Fund Commissioner VP Joy to CEO of Common Service Centre (CSC), Dinesh Tyagi, surfaced on social media platforms. The March 23 letter talks about the data leak by hackers 'by exploiting the vulnerabilities prevailing in the website (aadhaar.epfoservices.com) of EPFO' which is the Aadhaar Seeding Service for the EPFO.

The letter carried the following subject line: "Data Theft from ICT Infrastructure of Aadhaar Seeding Service for Employees' Provident Fund Organization" and made references to an Intelligence Bureau (IB) note, that had warned of data theft.

aadhaar file2.png

EPOF is one of the many government departments that use the platform provided by Common Service Centre (CSC) E-governance Services Ltd. Aadhaar-seeding services. Pursuing a goal to go paperless by August this year, the body has been seeding Aadhaar with Universal Account Numbers of its subscribers. As of February 2018, it had been used to link 34.5 million out of a total of 47.1 million active provident fund accounts with Aadhaar.

The possible data, that has been leaked, includes the Aadhaar numbers, demographic information and employment details of millions of formal sector employees.

"Warnings regarding vulnerabilities in data or software is a routine administrative process based on which the services which were rendered through the CSC have been discontinued from March 22, 2018,” EPOF said in a press statement while announcing the suspension of CSC services.

“No confirmed data leakage has been established or observed so far”, the press statement added.

Responding to yet another allegation of data leak in a scapegoating manner, UIDAI, in a press statement said the matter does not pertain to any data breach from UIDAI server as the alleged data breach took place on a website that does not belong to it.

In January 2018, according to a report by The Tribune, one billion Aadhaar numbers were available for Rs 500 on WhatsApp followed by tweets of French security researcher who claimed to access Aadhaar details of 5.6 million MNREGA beneficiaries and 4 million social security pension beneficiaries. The list of security breaches involving Aadhaar number seems to be unending and the latest compromise of the details of EPOF subscribers reemphasizes the vulnerabilities involved in India's ambitious e-governance push.

Get the latest reports & analysis with people's perspective on Protests, movements & deep analytical videos, discussions of the current affairs in your Telegram app. Subscribe to NewsClick's Telegram channel & get Real-Time updates on stories, as they get published on our website.

Subscribe Newsclick On Telegram

Latest