Aadhar card data of 50 lakh people in Tamil Nadu hacked
Personal information of 50 lakh users of Tamil Nadu Public Distribution System (PDS) has been breached and data is disclosed in the Hacker Forum. This has been identified and revealed by Bengaluru-based cyber-security firm TechniSanct. It is expected that the hackers could use the disclosed data for phishing attacks.
- Aadhaar card numbers
- Beneficiaries information
- Family information of individuals
- Mobile numbers
The data that was leaked on the Web included information of a total of 49,19,668 people in Tamil Nadu, according to the cyber-security startup. This comprises the email addresses and Aadhaar numbers of the affected users, alongside 3,59,485 phone numbers. The leaked data fields, reviewed by Gadgets 360, also included the ‘Makkal Number‘ that the state government introduced to keep a record of all citizens including newborns. Also read Are free Covid 19 vaccines driving up fuel prices?
How did the Tamil Nadu breach happen?
The cybersecurity act is expected to be performed either through the website associated with the Tamil Nadu government or through a third-party vendor. However, the reported data seems to be just a small part of what the Tamil Nadu Civil Supplies and Consumer Protection Department has as the dashboard on its site shows that there are over 6.8 crore registered beneficiaries for the PDS system.
Recent attacks on Indian citizen’s data
This is not the first time when we are seeing a serious cyber-security issue impacting citizens’ data in India. In December, there was a flaw identified in the Telangana government site that exposed sensitive data of all its employees and pensioners.
Data from Prime Minister Narendra Modi’s site was also allegedly leaked on the dark Web last year.
Experts believe that cyber-security issues could be limited to some extent once the government passes the anticipated data protection law. A report by London-based think tank International Institute for Strategic Studies (IISS) also recently noted that India has made only modest progress in building its policy and beliefs for cyberspace security and is yet to adopt a whole-of-security approach to improve its cybersecurity.