Security Fails

Aadhaar Vulnerability Public Disclosure

Vulnerability reported in resident.uidai.gov.in allows anyone to change content on the UIDAI website. The UIDAI Resident Portal has direct access to Aadhaar demographic data. The vulnerability (XSS) allows anyone to embed any tweet on the UIDAI website The Vulnerability The UIDAI Resident Portal (with read access to entire Aadhaar Demographic data) Read more…

Aadhaar Enabled Surveillance

An AP government maintained website leaks Aadhaar details, allows search using religion and caste

An Andhra Pradesh government maintained website has hosted a dashboard app that can search people in 13 districts using “religion” and “caste” amongst other categories. According to Huffingtonpost India, the dashboard in the aforementioned website, allows anyone to search for data based on terms such as “Hindu”, “Muslim”, “Zoroastrian” and Read more…

Security Fails

Gujarat PDS scam and biometrics leak

Babubhai Boriwal (53) and Sampatlal Shah (61), owners of “Pandit Deendayal grahak bhandar” shops under Gujarat’s Annapurna Yojana PDS, were arrested by the Crime Branch in Surat. They were using an illegal software that accessed leaked biometric data in order to acquire coupons in the name of different PDS beneficiaries Read more…