TRENDING ON ONEINDIA
- Pulwama Attack Updates — PM Modi Chairs High-Level Meeting
- Gully Boy — Movie Review
- 6 Steps To Earn More Money From Fixed Deposits
- Joint 2030 World Cup Bid — Everything You Need To Know
- ACT Fibernet Plans To Partner With ZEE 5; Launches New Brand Identity
- Is The Mahindra XUV300 India’s Best Compact-SUV?
- It's Never Too Late To Exlpore The Elusive Haven Of Lawngtlai
- These Identical Twins Share The Same Boyfriend!
Recently, State Bank of India hit the headlines for a massive data leak. Now, the Jharkhand government is said to have leaked the Aadhaar numbers and personal information of several thousands of government employees on its website. It is said that the online system that is used by the Jharkhand government to take care of the attendance of the government staff failed to have any security protections in place.
Moreover, the webpages containing the personal data of employees were accessible easily to anyone who knew where they should look for. Following the data leak, the website s now inaccessible.
Massive leak of Jharkhand government employees
As per a TechCrunch report, the online attendance system used by the Jharkhand government was unprotected at least from 2014. When it comes to the details of the state's government staff, their name, photo, designation, Aadhaar number and partial phone number have been leaked. Though the Aadhaar number was not listed directly on the webpage, the website was fetching the image of the workers by sending this credential. So, it is clearly visible in the URL of the image link.
The report goes on stating that the web-based attendance system was hosted on the website's sub-domain and was also indexed in Google. This made it to be discovered by anyone. Even now, the cached pages of the government employees' attendance records can be found in Google's index. Anyone with the basic knowledge of coding can scrape the website easily, it adds citing a security researcher.
It is said that over a lakh Aadhaar numbers are unprotected. The report has also verified the authenticity of the leaked numbers using the UIDAI's official tool.
Though this leak is not linked directly to UIDAI, which handles the Aadhaar infrastructure, it makes it clear how vulnerable the Aadhaar data can be due to the lack of protection of governmental agencies. The leaked information can be misused by those with malicious intentions. Eventually, this issue is quite alarming.
Notably, this is not the first time that a government institution has revealed the Aadhaar retailed details. Previously, we have come across instances when government-owned utility service providers and government websites revealed the sensitive information.