Hyderabad: Central governments and UIDAI’s much voted Aadhaar is yet again caught in data leak scandal after Andhra Pradesh’s woman and child welfare department leaked Aadhaar numbers of 4.8 lakh pregnant women by putting them on its official website.
The Aadhaar numbers that were leaked belonged to women who had enrolled themselves in Nutrition department, TOI reported.
Cybersecurity researchers after noticing the Aadhaar data leak notified the Computer Emergency Response Team of India (CERT-In) and the Unique Identification Authority of India(UIDAI) after which the department had disabled the column that was displaying the Aadhaar details of these women.
The researchers also found out nearly 20 Lakh mothers and pregnant women Aadhaar details have been leaked since 2015.
The department’s dashboard including the details of women is linked to Andhra Pradesh chief minister’s core dashboard.
This dashboard displayed Aadhar details of 20 lakh women public including husband’s name, Aadhaar number, date of enrolment with Anganwadi centres, high-risk grading and status of follow-ups. Mandal-wise data of pregnant women in 13 districts up to Feb 2018 were all displayed on the dashboard.
Kodali Srinivas, cybersecurity researcher who notified about the Aadhaar leak said: “I notified the CERT-In, UIDAI and the AP Core Digital Data Authority regarding the Aadhaar numbers put up openly on the website. There was no response. Perhaps, they are closed on Sunday. Collecting data of pregnant women is a good initiative so that the government can follow-up with them to decrease the maternal mortality and infant mortality rates, prevent anemia in mothers and malnutrition in kids. But the problem is linking it with Aadhaar. The violation of rules is in making this data public.”
“The e-commerce websites selling baby products and merchandise for new mothers may try to use this data as it is openly available on the net,” Srinivas told STOI.
When Women and child welfare department was contacted, the department’s IT coordinator, Ratnakar, told STOI: “After the Supreme Court directions in 2017, we removed all Aadhaar details put up in the public domain. Even for intra-department purposes, we use only the last four digits to identify beneficiaries. But due to unknown reasons, the Aadhaar numbers were displayed openly on the dashboard. We are disabling it instantly.”
The Cyber Security researchers allege that the government collecting Aadhar details is not safe since the government is not doing an audit.
Srinivas added that AP state has an Act which protects its officials from prosecution for data revealed in good faith.