India

UIDAI refutes report of Aadhaar database breach

UIDAI refutes report of Aadhaar database breach

New Delhi: Unique Identification Authority of India (UIDAI) on Saturday refuted a report about an alleged Aadhaar database breach and advised people not to be misled by such reports.

According to database authority’s official statement, the report, which appeared on a web portal, purportedly quoted a person claiming to be a security researcher who said that a state-owned utility company containing its customer details such as bank account numbers, consumer number, Aadhaar number (not the biometrics), etc. has some vulnerability which can be used to access a huge amount of Aadhaar data.

“There is no truth in this story as there has been absolutely no breach of UIDAI’s Aadhaar database. Aadhaar remains safe and secure,” the statement read.

Terming the report as “baseless, false and irresponsible,” UIDAI further elaborated, “Even if the claim purported in the story were taken as true, it would raise security concerns on database of that utility company and has nothing to do with security of UIDAI’s Aadhaar database.”

Also, the fact that the utility company has bank account numbers of its customers does not imply that all Indian banks’ databases have been breached, UIDAI clarified.

“Further, one must understand that the Aadhaar number, though a personal sensitive information, is not a secret number. Mere availability of Aadhaar number with a third person will not be a security threat to the Aadhaar holder or will not lead to financial/other fraud, as for any transaction, a successful authentication through fingerprint, iris or OTP of the Aadhaar holder is required,” UIDAI stated. (ANI)