Global IT security firm Quick Heal's Enterprise Security brand Seqrite discovered an advertisement on DarkNet forum that claims to have access to data of over 6,000 Indian businesses that include Internet Service Providers (ISPs), some key government organisations, banks and enterprises.
The Unique Identification Authority of India (UIDAI) on Wednesday denied there has been a security breach of its database, following reports that data of some 6,000 Indian businesses and government agencies was up for sale on Internet.
The reported breach "does not contain any confidential data of UIDAI and has not affected any services provided by the authority", said a statement from the UIDAI, a statutory authority collecting and maintaining the world's largest biometric ID system.
Over 117 crore Indians were said to have enrolled for Aadhaar till August 14 this year for direct transfer of financial benefits and other subsidies and services by the government.
"The UIDAI constantly strengthens and reviews its infrastructure and ecosystems in line with the best international security practices and technological standards and have multi-layered security and privacy considerations built into the core strategy of Aadhaar with three basic doctrines of minimal information, optimal ignorance and federated database which give higher level of security," the statement said.
The statement comes after global IT security firm Quick Heal's Enterprise Security brand Seqrite discovered an advertisement on DarkNet forum that claims to have access to data of over 6,000 Indian businesses that include Internet Service Providers (ISPs), some key government organisations, banks and enterprises.
Seqrite Cyber Intelligence Labs, along with its partner seQtree InfoServices, tracked the advertisement by an unknown hacker who priced the information at 15 Bitcoins (nearly Rs 42 lakh).
The organisations whose services were said to be at risk were UIDAI, Idea Telecom, Bombay Stock Exchange (BSE), Flipkart, DRDO, Aircel, Reserve Bank of India, BSNL, SBI, TCS, ISRO, ICICI Prudential Mutual Fund, VMWare, Employees' Provident Fund Organisation and various Indian state government portals.
The UIDAI, however, said it had robust security controls and protocols to counter any attempts or malicious designs of data breach or hacking.
"Security of Aadhaar is of critical importance to the government and the UIDAI has given it paramount significance."