Shocking Data Breach: Aadhaar Details of Over a Million Leaked

The draft notification to amend rules for driving licences has been submitted to the law ministry for legal vetting.

Turns out Mahendra Singh Dhoni wasn’t the only one.

In a shocking breach of privacy, the names, addresses, bank account details and Aadhaar numbers of over a million citizens were leaked on a website managed by the Jharkhand Directorate of Social Security, according to a report in the Hindustan Times.

Out of the 1.6 million pensioners in Jharkhand, 1.4 million have seeded their bank accounts with their Aadhaar numbers in order to enable a direct transfer of their monthly pension to their bank accounts. The state’s senior citizens are now vulnerable online, with most of their personal details available on the website, thanks to the glitch.

According to Section 29 (4) of the Aadhaar Act, it is illegal to publish the Aadhaar numbers of consumers. However, the rules have been flouted in the past.

Earlier this year, former Indian cricket team captain Mahendra Singh Dhoni’s Aadhaar details were also leaked on social media, following which his wife Sakshi had taken to Twitter to reach out to Union Law and Information and Technology Minister, Ravi Shankar Prasad. Prasad was prompt to action, and the Unique Identification Authority of India (UIDAI) blacklisted the service provider for 10 years.

According to the HT report, officials, when they were contacted for comment, said they had been aware of the breach for several days and that their programmers were working on it to address the matter.