Aadhaar Software Hacked To Generate Unlimited IDs; Security Experts Say Hack Is Real!
The latest hack has been confirmed by global security experts.
Till now, every Aadhaar hack news we reported was a concern about data privacy of Indian citizens, and how the data can be manipulated for any illegal usage.
But now, the issue is different: The concern has now translated into horror, as we just found that Aadhaar enrollment software has been hacked, this means that anyone can now generate unlimited Aadhaar IDs.
This is not a concern now, because now, National Security is at stake.
The worst part: Global security experts have confirmed this hack.
Aadhaar Software Is Really Hacked?
Huffingtonpost has carried a detailed investigation into a report of Aadhaar enrollment software being hacked to generate multiple IDs of users.
The news of this hack has been verified by them via global security experts from three different locations, and they all have confirmed that the hack is real.
One of the security expert: Gustaf Björksten, who is the Chief Technologist at Access Now, a global technology policy and advocacy group said, “Whomever created the patch was highly motivated to compromise Aadhaar,”
What Exactly Is The Hack?
As per the details available, the hack is in fact a patch for the Aadhaar enrollment software, which can be used anywhere in the world.
Once the patch is installed in a computer having that Aadhaar enrollment software, then anyone can generate multiple Aadhaar IDs, bypass security protocols, and in short, induce mayhem and chaos at will.
The Aadhaar enrollment software actually needs the biometric verification of the operator, which this patch overrides – This means anyone can login, and start creating IDs for Aadhaar.
The patch reduces the accuracy level of IRIS scanner, which means the newly generated Aadhaar ID can have any random photograph.
And, the patch turns off the in-built GPS capability of the software, which means that UIDAI or any other agency will never know if any fake Aadhaar IDs have been generated or not.
In layman terms, this is a disaster.
How Can It Endanger National Security?
Using this patch, and the Aadhaar software, anyone sitting in Pakistan or Syria can generate Aadhaar IDs for any person (say terrorist), and then they can enter India without any hiccups.
With Aadhaar they can do whatever they want to do.
Besides, Aadhaar is used for allocating ration and other basic services. With fake Aadhaar IDs, any person can siphon off ration, and literally, have food for free.
These are just some of the issues which can crop up.
The patch is available for as low as Rs 2500 on thousands of Whatsapp groups.
National Critical Information Infrastructure Protection Centre and UIDAI both have been informed about this patch, and there has been no comment from them so far.
Besides Gustaf Björksten, the other security expert who has confirmed the hack is Dan Wallach, Professor of Computer Science, and Electrical and Computer Engineering, at Rice University in Houston, Texas.
We will keep you updated, as we receive more updates.
UPDATE; UIDAI has dismissed the allegations. Here is their press release issued via Twitter:
UIDAI hereby dismisses a news report appearing in social and online media about Aadhaar Enrolment Software being allegedly hacked as completely incorrect and irresponsible. 1/n
— Aadhaar (@UIDAI) September 11, 2018