Home Created by potrace 1.16, written by Peter Selinger 2001-2019Tech and auto  Created by potrace 1.16, written by Peter Selinger 2001-2019Tech news  Created by potrace 1.16, written by Peter Selinger 2001-2019Data of 7 Mn Indian Users Breached at Service Centres: Israeli Co

Data of 7 Mn Indian Users Breached at Service Centres: Israeli Co

The data of 7 million users in India has been breached and is available on a public domain as per vpnMentor.

The Quint
Tech News
Published:
As per an Israeli company, vpnMentor, data of more than 7 million Indians has been breached.
i
As per an Israeli company, vpnMentor, data of more than 7 million Indians has been breached.
(Photo: iStock)

advertisement

The data of approximately 7 million users in India has been breached and is available on a public domain as per vpnMentor, a cybersecurity firm in Israel.

According to a report in The Times of India (TOI), vpnMentor discovered a breach where the data of millions of users was exposed while onboarding them to the BHIM app.

The exposed data also included images of individuals' Aadhaar cards and UPI identifiers onboarded by associates of common service centres (CSC) of e-Governance Services India.

Also ReadMajor Data Breach Exposes Card Details of Half a Million Indians

The breach was discovered by Noam Rotem and Ran Locar, who are members of the vpnMentor research team.

“We detected the breach on 23 April and contacted India’s CERT (central emergency response team) on 29 April, and until last week the data continued to be available.”   
Noam Rotem to <a href="https://timesofindia.indiatimes.com/india/israeli-co-claims-7m-users-data-breached-at-service-centres/articleshow/76126781.cms">TOI</a>

In response to the vpnMentor statement, the CSC e-Governance Service said, data points like merchant virtual payment address (VPA) were kept public for wider transparency of the system.

Along with the above, static pages of the portal, PDF files, e-text, pictures, and awareness videos were also kept public.

“The project did not did not involve taking Aadhaar data of any merchant, therefore there is no question of any personal identifiable information such as Aadhaar data to be made public.”
CSC e-Governance Service of India to <a href="https://timesofindia.indiatimes.com/india/israeli-co-claims-7m-users-data-breached-at-service-centres/articleshow/76126781.cms">TOI</a>

They also said that the data has been hosted on Indian servers located within the country's borders.

Also ReadTwitter Warns Indian Users About Data Breach, Update the App Now 

(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)

Published: undefined

ADVERTISEMENT
SCROLL FOR NEXT