Influenza A virus subtype H5N1 Twitter handgrip of anonymous hackers yesteryear the bring upward Lulzsec Republic of Republic of India has tweeted almost a vulnerability involving 22,000 Aadhaar together with PAN cards. They accept refused to render farther information till the vulnerability is patched. The screenshot they accept tweeted appears to present numbered folders together with icon documents of an Aadhaar carte du jour together with the bring upward “Kamlesh Tiwari” written yesteryear mitt – which could survive the scan of a signature.
The breach does non look to survive a website vulnerability, but a poorly coded server related to PAN applications, that allows malicious hackers unlimited file administration access over ftp. As of now, it is non known which server this information is on together with the grouping refuses to disclose farther details till the vulnerability is fixed.
“We all alive inwards a country where cybersecurity made stronger solely yesteryear courtroom orders together with useless statements of denial together with non secure coding practices,” said Lulzsec Republic of Republic of India when approached via someone messages for to a greater extent than information related to the breach.
Other safety issues reported yesteryear Lulzsec Republic of Republic of India include vulnerabilities that allowed logging into the Rajya Sabha server together with that ISRO Bhuvan Mapper was running on 7-year-old server code together with was vulnerable to all the safety issues that had been revealed inwards that time.
Some instances of website or application breach:
July 28, 2017 – Abhinav Srivastava, co-founder of Quarth technologies created an “Aadhaar e-KYC” app that accessed the UIDAI API without authorization.
September 10, 2017 – During the Kanpur Fake Aadhaar Enrollment scam, the enrollment software was constitute to survive opposite engineered to bypass iris scan authentication for operators.
Jan 4, 2018 – The Tribune had reported access to Aadhaar information could survive purchased for every bit piddling every bit Rs. 500 on social media.
Jan 4, 2018 – The Quint reported that information admins could do other information admin accounts at discretion – without whatsoever checks.
