UIDAI denies claims of Aadhaar data breach on Indane's systems

-
UIDAI denies claims of Aadhaar data breach on Indane

25 Mar 2018: UIDAI denies claims of Aadhaar data breach on Indane's systems
The UIDAI has denied the claims of an Aadhaar data breach on the systems run by state-owned utility company Indane.
Earlier, a report by ZDNet suggested that the Aadhaar details of all registered Indane customers were exposed online and could be accessed by anyone.
UIDAI said that "there is no truth in this story" and that they were "contemplating legal action against ZDNet."
Context: Report claimed Indane's unsecured API put Aadhaar data at risk
The report claimed that Indane's API wasn't secure, allowing access to personal information like names, unique 12-digit Aadhaar numbers, and bank names related to those Aadhaar numbers.
"The affected endpoint uses a hardcoded access token, which, when decoded, translates to 'INDAADHAARSECURESTATUS,' allowing anyone to query Aadhaar numbers against the database without any additional authentication," the report said.
Fact: Aadhaar biometric data not easy to hack: UIDAI
Last week, UIDAI CEO Ajay Bhushan Pandey said, "Each Aadhaar biometric is encrypted by a 2048-key combination and to decode it, the best and fastest computer of our era will take the age of the universe just to hack into one card's biometric details."
Response: UIDAI threatens legal action against ZDNet
"One must understand that the Aadhaar number is not a secret number," UIDAI explained.
"Mere availability of Aadhaar number with a third person will not be a security threat to the Aadhaar holder or will not lead to financial/other fraud, as for any transaction, a successful authentication through fingerprint, Iris or OTP of the Aadhaar holder is required," it added.
Background: Indane's endpoint vulnerability discovered by Delhi-based security researcher
The ZDNet report said the endpoint vulnerability was discovered by Delhi-based security researcher Karan Saini.
He claimed that since Indane has access to the entire Aadhaar database through an unsecured API, information of all Aadhaar holders was at risk.
Hackers can go through endless permutations to guess an Aadhaar number and steal its corresponding information since the API doesn't employ rate limiting, Saini added.
Claims: Informed government of the data breach a month ago: ZDNet
ZDNet said that it had informed the government of the alleged data breach a month ago but received no response regarding the same.
It then contacted the Indian Consulate in New York and Devi Prasad Misra, consul for trade and customs, but to no avail.
However, ZDNet claims that within hours of publishing the story, the affected endpoint was taken offline.
Fact: Earlier, security researcher hacked Aadhaar to access 22,000 card details
Aadhaar has been continuously in the news regarding security vulnerabilities. Earlier, French security researcher Elliot Alderson hacked into the Aadhaar Android app within a minute and reportedly gained access to 22,000 card details. Notably, Aadhaar is the world's biggest database with over 1.1 billion users.
Sources by: YAHOO!NEWS

Comments

Post a Comment

Popular posts from this blog

Artificial Intelligence (AI) and Machine Learning

-
  Artificial Intelligence , or AI, has already received a lot of buzz in the past decade, but it continues to be one of the new  technology trends  because of its notable effects on how we live, work and play are only in the early stages. AI is already known for its superiority in image and speech recognition, navigation apps, smartphone personal assistants, ride-sharing apps and so much more. Other than that AI will be used further to analyze interactions to determine underlying connections and insights, to help predict demand for services like  hospitals  enabling authorities to make better decisions about resource utilization, and to detect the changing patterns of  customer behaviour  by analyzing data in near real-time, driving revenues and enhancing personalized experiences. The AI market will grow to a  $190 billion industry by 2025  with global spending on cognitive and AI systems reaching over  $57 billion in 2022.   With AI spreading its wings across sectors, new jobs will be
Read more

Computer Basics-Basic Parts of a Computer

-
Introduction The basic parts of a desktop computer are the computer case, monitor, keyboard, mouse, and power cord. Each part plays an important role whenever you use a computer. The computer case is the metal and plastic box that contains the main components of the computer, including the motherboard, central processing unit (CPU), and power supply. The front of the case usually has an On/Off button and one or more optical drives. Computer cases come in different shapes and sizes. A desktop case lies flat on a desk, and the monitor usually sits on top of it. A tower case is tall and sits next to the monitor or on the floor. All-in-one computers come with the internal components built into the monitor, which eliminates the need for a separate case. Monitor The monitor works with a video card, located inside the computer case, to display images and text on the screen. Most monitors have control buttons that allow you to change your monitor's display settings, and some monitors also
Read more

Percentages: Formulas, Tricks and Shortcuts

-
Image
The following is a list of important formulas for Percentage: 1.  Percent implies “for every hundred”. % is read as percentage and x % is read as x per cent. 2.  To calculate p % of y (p/100) x y = (p x y)/100 p % of y = y % of p 3.  To find what percentage of x is y: y/x × 100 4.  To calculate percentage change in value Percentage change = {change/(initial value)} x 100 5.  Percentage point change = Difference of two percentage figures 6.  Increase N by S % = N( 1+ S/100 ) 7.  Decrease N by S % = N (1 – S/100) 8.  If the value of an item goes up/down by x%, the percentage reduction/increment to be now made to bring it back to the original point is 100x/ (100 + x) %. 9.  If A is x% more /less than B, then B is 100x/(100 + x) % less/more than A. 10.  If the price of an item goes up/down by x %, then the quantity consumed should be reduced by 100x/ (100 + x)% so that the total expenditure remains the same. 11.  Successive Percentage Change If there are succ
Read more