TRAI Chief’s Aadhaar Challenge Decoded: This Is What Exactly Happened!
The term 'data hack' is now open to debate: How much data is public, and how much is private now?
48 hours ago, Chairman of Telecom Regulatory Authority Of India (TRAI), RS Sharma, decided to throw a Aadhaar challenge on Twitter.
He publically mentioned his Aadhaar number, and challenged anyone to ‘harm him’, using that.
What exactly happened after that? Was his private information leaked? Here, we have decoded everything which happened after that.
The Aadhaar Challenge!
After a heated online discussion on the issue of Aadhaar security, TRAI Chairman decided to share his own Aadhaar number, and challenged anyone to do harm to him.
His first tweet:
My Aadhaar number is 7621 7768 2740
Now I give this challenge to you: Show me one concrete example where you can do any harm to me!— RS Sharma (@rssharma3) July 28, 2018
This Tweet was posted on July 28th, at 1.44 PM.
Soon after this, Twitter became a battle ground of trolls, hackers and security experts, and everyone scrambled to dig out private information about RS Sharma, using his Aadhaar number.
The Aftermath Of Aadhaar Challenge!
Elliot Anderson, a self-proclaimed ‘French security researcher’, who had earlier investigated security loopholes in the overall security structure of UIDAI and some apps, smartphone brands, took this challenge, and started digging information using RS Sharma’s Aadhaar details.
His first tweet was:
Pffff ???? https://t.co/ijlxGBBl4Z
— Elliot Alderson (@fs0c131y) July 28, 2018
This was posted on July 28th, at 4.02 PM.
In the next couple of hours, Elliot tweeted a barrage of public information about RS Sharma, which is anyways available across public domain.
In the next tweet, he mentioned RS Sharma’s phone number, and then revealed that this number belongs to secretary.
Then, he shared RS Sharma’s profile pic of Whatsapp, and then his address, date of birth and alternate phone numbers.
I supposed this is your wife or daughter next to you pic.twitter.com/UPSru1PGUT
— Elliot Alderson (@fs0c131y) July 28, 2018
In between, he also requested RS Sharma to remove his personal details from public domain.
Remove it please
— Elliot Alderson (@fs0c131y) July 28, 2018
By 7.46 PM on July 28th, Elliot had dug out RS Sharma’s PAN Card number as well.
PAN number pic.twitter.com/yKwtT7QuCh
— Elliot Alderson (@fs0c131y) July 28, 2018
He also mentioned the fact that there is no bank account linked with RS Sharma’s Aadhaar number.
In the end, he declared that UIDAI’s database is not safe.
If your phone numbers, address, dob, bank accounts and others personal details are easily found on the Internet you have no #privacy. End of the story.
— Elliot Alderson (@fs0c131y) July 28, 2018
To tease his further, he also said that Sharma needs to change his Gmail password.
You probably need to change your gmail account password @rssharma3 #JustSaying
— Elliot Alderson (@fs0c131y) July 28, 2018
Later, Elliot claimed that his tweets about the Aadhaar challenge earned him 5.7 million impressions.
UIDAI Dismisses This Data Hack!
Once Elliot’s Twitter handle shared these details, UIDAI, the creator Aadhaar, dismissed the data hack, and declared that no personal or private information about RS Sharma was revealed through his Aadhaar number.
The press release categorically stated: “…any information published on Twitter about the said individual…RS Sharma was not fetched from Aadhaar database or UIDAI’s servers.”
As per UIDAI, the information shared by Elliot and other Twitter users was easily available on the public domain, as RS Sharma is a public servant.
UIDAI tweeted:
Certain so-called hackers while responding to a challenge thrown by Shri Sharma to attempt to really ‘harm him by using his Aadhaar’, have claimed to have found his mob no., PAN & other details such as alt. mob no., DoB, email, photo, frequent flight details, etc, through Aadhaar
— Aadhaar (@UIDAI) July 29, 2018
UIDAI has even described the data hacks on Twitter as ‘fake news’, as none of the details were extracted from Aadhaar’s database. Date of birth, phone number, PAN etc are all available on Google, even without Aadhaar number, as per UIDIA.
Aadhaar database is fully safe and secure and no such information about Mr Sharma has been fetched from UIDAI’s severs or Aadhaar database. This is merely cheap publicity by these unscrupulous elements who try to attract attention by creating such fake news. 8/n
— Aadhaar (@UIDAI) July 29, 2018
RS Sharma also received support from a section of Twitter users, who said that no private information was hacked.
Such a big hacker and all he could manage in 5 hours is a phone number which is already a public record (he’s a government official)? The man gave his aadhar number and challenged everyone to bring something concrete which could harm him, not something which is public record. ?
— Saket Singh (@TheWhatsappGuy) July 28, 2018
I’m a lawyer. He’s right though. Not just his cell, his PAN, email and other information about him could be obtained. It’s not such a terrible loss of privacy, but it still is one. So my suggestion is you chill till the SC decides and then brazenly defend if.
— Pranav Govind (@pranavngovind) July 28, 2018
So, who won the challenge here? The matter is open to debate.
Do share your views and opinions on this news, by commenting right here!
i was searching for the full story…
thank you…
such a beautiful blog man
Nice Blog………….