Andhra Pradesh government shuts down 3 sites for data leak
Hyderabad: The Andhra Pradesh government finally pulled its act together on Saturday and shut down pages of three websites leaking sensitive private information of several lakh Aadhaar cardholders, including that of 69.83 lakh students.
The move comes after repeated complaints over five days to the Unique Identification Authority of India (UIDAI) and the Computer Emergency Response Team (CERT).
So far, the AP government websites have leaked data concerning nearly two crore Aadhaar card holders out of a state population of five crore.
The Commissionerate of School Education (AP) website had collected information of 69,83,048 students across the state to primarily identify the percentage of school dropouts.
However, the government website leaked names, addresses and Aadhaar details of those students. Second, the AP State Housing Corporation website was found to be displaying Aadhaar numbers, bank branches, IFSC codes, account numbers, father’s names, addresses, gram panchayat, mobile numbers, ration card numbers, occupation, religion and caste of housing scheme beneficiaries. And third, the Wages & Social Security Pensions (MGNREGA) Benefit Disbursement Portal (AP) put on public display the identity of benefit recipients.
The data leak was identified by independent security researcher Srinivas Kodali, who filed multiple complaints with various state and Central security agencies, and told Deccan Chronicle that AP has no centralised agency to report data breaches, except for a cyber-security website.
“Even the UIDAI does not have a central platform to accept complaints. However, when the issue was raised to multiple agencies including CERT and the National Physical Information Protection Centre, the pages were removed from the websites,” he said.
Asked if the AP government has enlisted his support to conceal the data, the researcher said, “Not yet, but in case it does, I can help. The government should first understand the limitations of technology.”