ZDNet reports data leak can allow access to private info - English News - metroradio.com.hk

4月24日 (星期三) ｜27°C 85%

直播 / 重溫

日期：

EU launches investigation into Chinese medical device market
24/04 13:54

Solomon Islands' Sogavare says he runs security amid tense wait for new gov't
24/04 11:58

Pro-Palestinian encampments spring up on more US college campuses
24/04 11:57

Venezuela's Maduro says he is open to receiving UN rights envoy
24/04 11:53

Haiti police bolster security around palace ahead of transition
24/04 11:52

Biden blames Trump for Florida's 6-week abortion ban
24/04 07:37

North Korea officials visit Iran in a rare public trip
24/04 07:36

Argentina's Milei faces biggest protest yet as students march over budget cuts
24/04 07:18

Russian deputy defence minister detained on bribe allegations, officials say
24/04 07:17

German climate activists sentenced for spraying paint on Brandenburg Gate
24/04 07:14

1

下一篇》

ZDNet reports data leak can allow access to private info

25/3/2018 7:03

        The semi-government agency
        behind India's national identity card project on Saturday denied
        a report by news website ZDNet that the programme has been hit
        by another security lapse that allows access to private
        information.

        ZDNet reported that a data leak on a system run by a
        state-owned utility company, which it did not name, could allow
        access to private information of holders of the biometric
        "Aadhaar" ID cards, exposing their names, their unique 12-digit
        identity numbers, and their bank details.

        But the Unique Identification Authority of India (UIDAI),
        which runs the Aadhaar programme, said "there is no truth in
        this story" and that they were "contemplating legal action
        against ZDNet".

        ZDNet could not immediately be contacted for comment on the
        UIDAI's response.

        "There has been absolutely no breach of UIDAI’s Aadhaar
        database. Aadhaar remains safe and secure," the agency said in a
        statement late on Saturday.

        "Even if the claim purported in the story were taken as
        true, it would raise security concerns on database of that
        utility company and has nothing to do with the security of
        UIDAI’s Aadhaar database," it said.



        MORE THAN BILLION USERS

        ZDNet had reported that even though the security lapse had
        been flagged to some government agencies over a period of time,
        it has yet to be fixed. It said it was withholding the name of
        the utility and other details.

        Karan Saini, a New Delhi-based security researcher, said
        that anyone with an Aadhaar number was affected.

        "This is a security lapse. You don't have to be a consumer
        to access these details. You just need the Uniform Resource
        Locator where the Application Programming Interface is located.
        These can be found in less than 20 minutes," Saini told Reuters.

        In recent months researchers and journalists who have
        identified loopholes in the identity project have said they have
        been slapped with criminal cases or harassed by government
        agencies because of their work.

        Aadhaar, a biometric identification card with over 1.1
        billion users, is the world's biggest database.

        But it has been facing increased scrutiny over privacy
        concerns following several instances of breaches and misuse.

        Last Thursday, the CEO of the UIDAI said the biometric data
        attached to each Aadhaar was safe from hacking as the storage
        facility was not connected to the internet.

        "Each Aadhaar biometric is encrypted by a 2048-key
        combination and to decode it, the best and fastest computer of
        our era will take the age of the universe just to hack into one
        card's biometric details," Ajay Bhushan Pandey said.

|

	回主頁｜關於我們｜使用條款及細則｜版權及免責聲明｜私隱政策｜聯絡我們
Copyright 2024© Metro Broadcast Corporation Limited. All rights reserved.