Aadhaar data of a large number of farmers was leak by a government website design for the welfare of the agriculture sector in India, a security researcher has report.
The website, call as PM Kisan, allows the government to distribute grants to farmers under the Pradhan Mantri Kisan Samman Nidhi programme.
Due to an issue, one of its parts was publicly exposing Aadhaar numbers of enroll farmers.
The website has register over 110 million farmers since its launch in 2019.
Security researcher Atul Nair said in a post on Medium that a part of the PM Kisan website was leaking the Aadhaar number of its registered farmers.
The issue was first spot by the researcher in late January and was report by India’s Computer Emergency Response Team (CERT-In).
Shortly after receiving the report, the nodal agency forward the details to the concern authorities.
They apparently took some months to fix the exposure.
It is not confirm whether an attacker was able to breach the data until it got fix.
CERT-In appreciate the researcher for reporting the issue, though it did not explicitly confirm the fix or whether the data was not breached.
Aadhaar numbers of individuals in the country are not of confidential nature, per the Unique Identification Authority of India (UIDAI), the statutory authority that is mandate to issue the 12-digit uniquely identified numbers.
It does restrict users from sharing Aadhaar cards on public platforms.
This is not the first time when the Aadhaar data of individuals was expose by a government website.
In 2019, the Jharkhand government reportedly expose the unique identification numbers of its thousands of workers.
A few days later, state-own liquid petroleum gas (LPG) manufacturer Indane had also allegedly expose Aadhaar details of millions of its consumers.
