UIDAI statement in wake of hacker's arrest seeks to reassure citizens that all is well with Aadhaar

We recently reported that ex-IITian and current Ola employee Abhinav Shrivastava was arrested on 3 August on the charge of illegally accessing the Aadhaar database.

Aadhaar logo. Image courtesy UIDAI

Aadhaar logo. Image courtesy UIDAI

The Unique Identification Authority of India (UIDAI), the government agency responsible for Aadhaar, has issued a statement clarifying the situation and assuring citizens that the Aadhaar database was never breached.

Shrivastava developed an app that illegally routed Aadhaar database requests via a server used by the e-Hospital app. The latter app is authorised to access the Aadhaar database, Shrivastava’s app wasn’t.

UIDAI clarifies that while the Shrivastava’s illegal app could be used to access the Aadhaar database, the access mechanism ensured that those who used the app could only access their own demographic data as stored in the Aadhaar database. The database itself was never compromised and no data leaked out.

Demographic data includes the name, address, gender and other such details of a person. Biometric data such as that pertaining to fingerprints and iris scans was never leaked nor was it accessible.

“Residents were downloading their own demographic data such as name, address, gender, etc. through this App. Hence, alleged privacy violations reported in some section of media is not true as no one could not get data of any other person through this App,” reads UIDAI’s statement.

The authority clarifies that legal action against the owner of the app (Shrivastava) was taken under the Aadhaar Act, 2016.

In its statement, the UIDAI again reminds citizens to provide their Aadhaar numbers only to authorised agencies and that the UIDAI helpline can be contacted via telephone on 1947 and on help@uidai.gov.in at any time.

Updated Date: Aug 04, 2017 12:11 PM