Aadhaar data can be stolen easily, techie arrested for theft holds demonstration
Abhinav Srivastava, the founder of Qarth Technologies Pvt Ltd was arrested for data theft
In a six hour demonstration, a Bengaluru techie and entrepreneur showed the police how easy it was for him to access Aadhaar data from the UIDAI data base. Abhinav Srivastava was arrested last week for the data theft following a complaint by the UIDAI authorities.
Cyber crime police in Bengaluru recorded Abhinav's modus operandi which highlighted a glaring security chink, the lack of Hypertext Transfer Protocol Secure (HTTPS) in the URL that helped Abhinav access details. The founder of an Ola subsidiary firm, Qarth Technologies Pvt Ltd, Abhinav used shortcuts to access data from various websites that used Aadhaar data.
HTTPS consists of communication over Hypertext Transfer Protocol within a connection encrypted by Transport Layer Security. In simpler terms, it is a far better secure connection than the HTTP. HTTPS is aimed at authentication of the visited website and protection of the privacy and integrity of the exchanged data. The lack of it helped the accused hack into an e-hospital website.
On initial investigation, it was found that Abhinav accessed Aadhaar information from an e-hospital's server hosted by the National Informatics Centre. The hospital was a Know Your Customer user agency which has tied up with the UIDAI. Abhinav hacked into the hospital's system and linked the information on its server to an app that he developed.
The app, which was available on google store, has been removed now. It was able to redirect users to the e-hospital's servers to access KYC data. Even as he claimed that he did not steal any information but only gave access to a server, using Aadhaar data without prior permission from the UIDAI is a violation of the Aadhaar law.
Abhinav who holds a masters degree from IIT-Kharagpur used the loopholes in the e-hospital's URL to gain access to its unsecured servers. With his app, anyone could access details about anyone who had an Aadhaar card breaching the privacy of individuals. Following a complaint by the UIDAI, the High grounds police in Bengaluru booked Abhinav, his company and its promoters for accessing secure Aadhaar database and leaking information under sections 37, 38, 29(2) of Aadhaar (Targeted Delivery of Financial and other Subsidies, Benefits and Services) Act 2016, sections 65 and 66 of the IT Act.
OneIndia News
-
Ind Vs NZ T20 World Cup Phalodi Satta Bazar Prediction: Know Who Will Win In India vs New Zealand Final -
India vs New Zealand T20 World Cup 2026 Final: Five Positive Signs Favouring India Before Title Clash -
IND vs NZ Final Live: When and Where to Watch India vs New Zealand T20 World Cup 2026 Title Clash -
Ind vs NZ T20 World Cup 2026: New Zealand Needs 256 Runs To Beat India And Win The World Cup -
UAE Attacks Iran, Becomes 5th Nation To Enter War; Reports Suggest Strike On Iranian Facility -
ICC T20 World Cup 2026 Final: Ricky Martin, Falguni Pathak To Perform At Closing Ceremony, How To Watch -
Who Is Nishant Kumar: Education, Personal Life and Possible Political Role -
IND vs NZ T20 WC Final: New Zealand Win Toss, Opt To Chase; Why Batting First Could Be A Tough Call For India -
Gold Rate Today 8 March 2026: IBJA Issues Fresh Gold Rates; Tanishq, Malabar, Kalyan, Joyalukkas Prices -
From Kerala Boy To World Cup Hero: Sanju Samson’s 89-Run Blitz, His Birth, Religion, Wife And Inspiring Story -
Hyderabad Gold Silver Rate Today, 8 March, 2026: Latest Gold Prices And Silver Rate In Nizam City -
Panauti Stadium? Is Narendra Modi Stadium an Unlucky Venue for India National Cricket Team?
Click it and Unblock the Notifications
Sign in with Google