Security Breach in Rajasthan Government Jan Aadhaar Portal Fixed: Details |
[ad_1]
A security breach found in the Rajasthan government’s website related to January 2023 Aadhaar has been fixed by the state government. If you are unaware, TechCrunch reported that a security researcher named Viktor Markopoulos found a bug in Jan Aadhaar portal, back in December last year.
What was the bug in Jan Aadhaar portal?
The discovery of a critical vulnerability on the Rajasthan government’s Jan Aadhaar portal exposes serious concerns regarding data privacy and security measures.This bug allowed unauthorised access to sensitive personal documents using registered phone numbers, potentially leading to identity theft and financial fraud.
An additional security flaw in the authentication process involved insufficient validation of the One-Time Password (OTP), allowing attackers to potentially bypass security measures and gain unauthorised access.
The bug exposed the personal documents of the citizens which includes copies of Aadhaar cards, bird and marriage certificates, electricity bills, income tax statements along with personal information like date of birth, gender, father’s name, etc.
The bug has been fixed now
As per the latest update, both the bugs in the Jan Aadhaar portal have been fixed with the help of Indian Computer Emergency Response Team or CERT-In. The same has been confirmed now by the CERT-In.
“This is to inform you that we have received a response from the concerned authority that the reported vulnerability has been fixed,” the agency told TechCrunch.
For those unaware, Jan Aadhaar portal was launched in 2019. The portal, according to the report, has over 78 million registered users and this includes around 20 million famalies. The portal is aimed at making Jan Aadhaar cards for citizens living in Rajasthan and make several other government services and schemes accessible through the portal.
What was the bug in Jan Aadhaar portal?
The discovery of a critical vulnerability on the Rajasthan government’s Jan Aadhaar portal exposes serious concerns regarding data privacy and security measures.This bug allowed unauthorised access to sensitive personal documents using registered phone numbers, potentially leading to identity theft and financial fraud.
An additional security flaw in the authentication process involved insufficient validation of the One-Time Password (OTP), allowing attackers to potentially bypass security measures and gain unauthorised access.
The bug exposed the personal documents of the citizens which includes copies of Aadhaar cards, bird and marriage certificates, electricity bills, income tax statements along with personal information like date of birth, gender, father’s name, etc.
The bug has been fixed now
As per the latest update, both the bugs in the Jan Aadhaar portal have been fixed with the help of Indian Computer Emergency Response Team or CERT-In. The same has been confirmed now by the CERT-In.
“This is to inform you that we have received a response from the concerned authority that the reported vulnerability has been fixed,” the agency told TechCrunch.
For those unaware, Jan Aadhaar portal was launched in 2019. The portal, according to the report, has over 78 million registered users and this includes around 20 million famalies. The portal is aimed at making Jan Aadhaar cards for citizens living in Rajasthan and make several other government services and schemes accessible through the portal.
[ad_2]
Source link