By joining the growing list of notorious Indian government institutions and agencies, the Jharkhand government has been seen allegedly leveraging the base number and other details of the thousands of other government personnel on their website. There was no security protection in the online system being used by the government to manage the presence of all government employees in the state and the webpage with the employee’s personal details was easily accessible to anyone who wanted to see it Was. The website is currently unrecoverable.
According to a report by TechCrunch, the Jharkhand government’s web-based presence system has been left unsafe till at least 2014. It introduced the names of government employees, their photo, designation, partial phone number, and base number. Aadhaar numbers were not directly listed on the webpage, but the website was getting the image of workers by sending their base number, which is clearly visible in the URL of the image link.
It has been said in the report that the attendance system was hosted on the sub-domain of the official website of the Jharkhand government and it was also indexed in Google, so its accidental discovery could be possible for anyone. Cash page searches of individual government employee attendance records can be easily found in the index of Vishal. Apart from this, anyone with the basic knowledge of coding can spoil the entire website very easily, in the report cited a security researcher. More than one lakh base numbers have been said to be unsafe.
Aadhaar example leak base leaks
TechCrunch was reportedly able to verify the authenticity of the base number found on the Jharkhand Government website by checking the official UIDAI official tool.
Although the latest leak is not directly related to the Indian Unique Identification Authority (UIDAI), but the agency managing the infrastructure in the country, it shows how the base data can be easily insecure even when it is in the hands of other local agencies. is. Apart from this, being a mere leak of Aadhaar numbers is not very worrying, but such a database has the potential to be used by malicious parties for social engineering hacks.