Special 
A French hacker has come up with a revelation that the Aadhaar documents can be accessed online by using a Google 'dork' search. This comes four days after the same hacker, Robert Baptiste, who goes by the name Elliot Alderson on Twitter, posted a video on how one can bypass the password protection of the Aadhaar Android app in just 1 minute.
Robert flagged a major flaw in the Aadhaar system, and said the biometric details related to Aadhaar accounts can be accessed on Google. Multiple news reports also suggested that by just typing 'Mera Aadhaar, Meri Pehchan', which is UIDAI's tagline, on Google, the search opens several PDF files containing Aadhaar information like name, parents name, address, Aadhaar number, picture, and even date of birth. The only information that was not available online was biometric details. However, the UIDAI has junked the hacker's claim and said that by simply knowing someone's Aadhaar, no one can impersonate and harm anybody. The UIDAI said one needs biometric details to authenticate identity.
Reports suggested some websites were openly revealing Aadhaar information on Google. These portals include incois.gov.in (official government website of the Indian National Centre for Ocean Information Services), the-aiff.com (official website of All India Football Federation), and Starcards India, a private payment gateway service provider. A quick online search found that the Incois has taken down the Aadhaar details, but the AIFF didn't bother to remove those details online. One can easily get access to the details of several Aadhaar accounts on the website.
The French hacker has said it is high time the UIDAI increases protection around the Aadhaar system. "Hi @UIDAI and @ceo_uidai, it's time for you to force your partners to handle #Aadhaar cards in a secure way. If you make a Google search query with one of this line you will find thousand of #Aadhaar card. @UIDAI: It's time to admit that this is not OK and to work on a fix," he tweeted.
Hi @UIDAI and @ceo_uidai, it's time for you to force your partners to handle #Aadhaar cards in a secure way.
If you make a Google search query with one of this line you will find thousand of #Aadhaar card.@UIDAI: It's time to admit that this is not OK and to work on a fix. pic.twitter.com/wHDlKevF68- Elliot Alderson (@fs0c131y) March 16, 2018
The UIDAI has advised people not to get carried away or confused with some news appearing in social and other media on Aadhaar PDF being available on Google search on 'Mera Aadhaar, Meri Pehchan'. The authority has said such news is intended to "spread misinformation on India's robust identity system - Aadhaar - and are intentional and irresponsible acts of some unscrupulous elements".
The authority, through a tweet, has suggested that people sharing personal information, including Aadhaar, on internet to some or other service provider or vendor should take due precautions. "Aadhaar just like any other id, therefore, is never to be treated as a confidential document. By simply knowing someone's Aadhaar, no one can impersonate and harm him because Aadhaar alone is not sufficient, it requires biometrics to authenticate one's Identity," the UIDAI said.
Aadhaar just like any other id, therefore, is never to be treated as a confidential document. By simply knowing someone's Aadhaar, no one can impersonate & harm him because Aadhaar alone is not sufficient, it requires biometrics to authenticate one's Identity. 6/8
- Aadhaar (@UIDAI) March 17, 2018
The UIDAI's ambitious Aadhaar project is the world's largest biometric database with whopping 111 crore people of the total 125 crore Indians already connected with the identity scheme. While there's no doubt the Aadhaar system makes it easy for the government to rollout benefits that can reach the masses effectively, can the government guaranty the safety of this behemoth database?
Copyright©2025 Living Media India Limited. For reprint rights: Syndications Today
