Home Created by potrace 1.16, written by Peter Selinger 2001-2019News Created by potrace 1.16, written by Peter Selinger 2001-2019India Created by potrace 1.16, written by Peter Selinger 2001-2019French Researcher Hacks Into Telangana Aadhaar Portal ‘With Ease’

French Researcher Hacks Into Telangana Aadhaar Portal ‘With Ease’

Exposing vulnerabilities, a French researcher breached the Telangana govt benefit disbursement portal ‘TSPost’.

The Quint
India
Published:
Exposing vulnerabilities, a French researcher breached the Telangana government benefit disbursement portal ‘TSPost’.
i
Exposing vulnerabilities, a French researcher breached the Telangana government benefit disbursement portal ‘TSPost’.
(Photo: Saumya Pankaj/The Quint)

advertisement

Exposing vulnerabilities, a French researcher breached the Telangana government benefit disbursement portal ‘TSPost’ on Sunday 25 February. The portal holds Aadhaar details of 56 lakh beneficiaries of NREGA (National Rural Employment Guarantee scheme) and 40 lakh beneficiaries of social security pensions (SSP), reported The Times of India.

The researcher, Baptiste Robert, has been actively working towards highlighting the lack of security of data in the Aadhaar database. On 25 February he posted on his Twitter how, with a simple hack, he could access the data on TSPost.

Hackers and researchers commonly use SQL (structured query language) code to attack the backend of a website.

After he pointed out the vulnerability, the government put the website offline.

Also ReadBombay HC Refuses to Defer Deadline to Link Aadhaar & Ration Cards
In theory, a government website is very secure, but in India, it’s another story. http://tspost.aponline.gov.in is vulnerable to a basic SQL injection that allows an attacker to access the database of the website. To be clear, all the data on this website can be a dump. Telangana government officials say they are working to fix it. For this website, they have to hire decent web developers to protect it from attacks.
Baptiste Robert told The Times of India

The report in The Times of India quoted a TSPost official as saying, “We are working on fixing the vulnerability after it was reported to us. It was online due to certain dependencies. We have taken off the site from the web, and we hope by Tuesday evening we will be able to set it right.”

(Hey there, lady! What makes you laugh? Do you laugh at sexism, patriarchy, and misogyny? Do 'sanskaari' stereotypes crack you up? This Women's Day, join The Quint's Ab Laugh Naari campaign. Pick up that beer, say cheers, and send us photographs or videos of you laughing out loud at buriladki@thequint.com.)

(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)

Published: undefined

ADVERTISEMENT
SCROLL FOR NEXT