Bengaluru cyber security firm claims data breach in TN PDS; Aadhaar data up on sale

In yet another breach of privacy, a Bengaluru-based cybersecurity startup has claimed that the personal data, including Aadhaar details, of 31 million Public Distribution System (PDS) beneficiaries in Tamil Nadu were up for sale on a hacker’s platform. The founder of Technisanct, Nandakishore Harikumar while addressing the issue asserted that the vendor is claiming that he was able to breach the entire PDS data, which is around 1.9TB.

“We are still assessing the depth of the breach. In the first dump, we identified 4.9 million Aadhaar details being there. Initially, the vendor got access to a small amount. It was initially 5 million, later he leaked another 20 million, and now it is 31 million,” Harikumar added.

State Government informed; CERT looking into the matter 

Pointing out that apart from Aadhaar card details, names, addresses, date of birth, makkal number, beneficiary numbers, and phone numbers have also been breached, he asserted that the State government and Computer Emergency Response Team (CERT) have been informed about it and they are looking into the matter. Assuming that the hacker still has access to the server, he added, "It could be a server misconfiguration that led to this. But we cannot be sure of it as the government and their vendors should find it through forensic and security audits to see how this would have happened."

As per reports, the Tamil Nadu government has initiated a probe into the matter, but the Chennai-based company which had been providing data service to the government has denied any data breach in the system.

(Credits-@nanduhari/twitter)