Indian authorities sites are frequently criticized for their lack of cyber security as well as security of people’s information. Pointing out a flaw inwards Telangana government’s NREGA portal, French hacker as well as independent security researcher Robert Baptiste hacked into the acre government’s website.
He reportedly contacted the site owners regarding the number as well as later on receiving no reply for or as well as therefore time, published his results on social media.
In theory, a authorities website is real secure but inwards #India it's or as well as therefore other story...https://t.co/88CKv3hM9q is vulnerable to a basic SQL injection...🤦♂️ pic.twitter.com/3x1lX1mCUp— Elliot Alderson (@fs0c131y) February 25, 2018
The website (http://tspost.aponline.gov.in) was vulnerable to i of the near basic spider web hacking technique, an SQL injection. It has directly gone offline inwards the wake of this news.
“A basic SQL injection allows an aggressor to access the database of the website,” Robert said. “To last clear, all the information on this website tin last a dump. Telangana authorities officials enjoin they are working to receive it. For this website, they convey to hire decent spider web developers to protect it from attacks.”
TSPost, Telangana’s authorities create goodness disbursement portal, contained the concern human relationship details as well as Aadhaar numbers of over 56 lakh NREGA beneficiaries as well as xl lakh beneficiaries of social security pensions.
Using the SQL injection, Robert was able to access non simply the Aadhaar as well as concern human relationship details from the website but too the API keys of UIDAI’s Aadhaar database, the access of which tin enable anyone capable plenty to brand a mistaken Aadhaar app that could last uploaded to Google Playstore for malicious use.
This is i of the many cases pointing out how vulnerable the Aadhaar organisation is to hacking as well as security breaches.