210 govt websites made public Aadhaar details, says UIDAI
More than 200 central and state government websites publicly displayed details such as names and addresses of some Aadhaar beneficiaries, the Unique Identification Authority of India has said.
In response to a Right to Information (RTI) query, the Aadhaar-issuing body said that it took note of the breach and got the data removed from those websites. It did not specify when the breach took place. The Aadhaar details were never made public from or by the UIDAI, it added.
"However, it was found that approximately 210 websites of central government, state government departments including educational institutes were displaying the list of beneficiaries along with their name, address, other details and Aadhaar numbers for information of general public," it said.
UIDAI issues Aadhaar - a 12-digit unique identification number - which acts as a proof of identity and address anywhere in the country.
The central government is in the process of making Aadhaar mandatory for people to avail benefits of various social service schemes.
"UIDAI has a well-designed, multi-layer approach, robust security system in place and the same is being constantly upgraded to maintain the highest level of data security and integrity," the RTI response said.
The architecture of the Aadhaar ecosystem has been designed to ensure data security and privacy which is an integral part of the system from the initial design to the final stage, it said.
"Various policies and procedures have been defined, these are reviewed and updated continually, thereby appropriately controlling and monitoring any movement of people, material and data in and out of UIDAI premises, particularly the data centres," the UIDAI said.
It said security audits are conducted on a regular basis to further strengthen security and privacy of data. Besides this, all possible steps are taken to make the data safer and protected, the authority said.