Aadhaar: 'Leak' in world's biggest database worries Indians

Aadhaar cardGetty Images

Indian officials in charge of a controversial biometric identity scheme have filed a police complaint after a report that citizens' personal details were being sold for as little as 500 rupees ($7.8;£5.8) online.

The Unique Identification Authority of India (UIDAI) wants a probe into "unauthorised access" to its database.

But it said biometric data was safe.

The Tribune newspaper claimed that it bought user details via an "agent" advertising his services on WhatsApp.

The report is the latest revelation against the UIDAI biometric system known as Aadhaar, which means foundation.

It said that once it paid the "agent", its reporters were given a username and password that allowed them to enter any Aadhaar number into the UIDAI website and get access to user information including name, address, photo, phone number and email address.

The report added that payment of a further 300 rupees provided "software" that allowed them to print out any Aadhaar card for which they had the number.

The UIDAI says the breach seems to be a misuse of a grievance redressal scheme that allowed Aadhaar agents to rectify issues like a change in address and wrong spelling of a person's name.

However, it added that the scheme did not grant access to people's biometric details.

The revelations in the report made headlines in India, with many on social media expressing concern over the security of their personal data.

This Twitter post cannot be displayed in your browser. Please enable Javascript or try a different browser.View original content on Twitter
The BBC is not responsible for the content of external sites.
Skip twitter post by Shivam Vij

Allow Twitter content?

This article contains content provided by Twitter. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. You may want to read Twitter’s cookie policy and privacy policy before accepting. To view this content choose ‘accept and continue’.

The BBC is not responsible for the content of external sites.
This Twitter post cannot be displayed in your browser. Please enable Javascript or try a different browser.View original content on Twitter
The BBC is not responsible for the content of external sites.
Skip twitter post 2 by Jagdish Chaturvedi

Allow Twitter content?

This article contains content provided by Twitter. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. You may want to read Twitter’s cookie policy and privacy policy before accepting. To view this content choose ‘accept and continue’.

The BBC is not responsible for the content of external sites.

Aadhaar started out as a voluntary programme to help tackle benefit fraud, but recently it has been made mandatory for access to welfare schemes.

Critics have repeatedly warned that the scheme puts personal information at risk" and have criticised government efforts to compulsorily link it to bank accounts and mobile phone numbers.

The government has always insisted that the biometric data is "safe and secure in encrypted form", and anybody found guilty of leaking data can be jailed and fined.

A case challenging its mandatory linking to schemes and bank accounts is pending before the country's Supreme Court.