Andhra Pradesh: After Aadhaar data ‘leak’, operation to secure details launched

The Women and Child Welfare Department collects data as part of the government’s efforts to track health of pregnant women from poor households and provides nutritious food, monetary aid, and timely medical assistance.

However, data of some 4.8 lakh women collected in the last three months, including their Aadhaar numbers, were uploaded on the CORE Dashboard (CM Office Real Time Executive Dashboard) which gives latest information from all departments.

After cyber security expert Kodali Srinivas pointed it out, the department immediately disabled the column displaying Aadhaar numbers. “Since 2015, the department has leaked mandal and village-wise data of nearly 20 lakh women, names of their husbands, health status and Aadhaar numbers,” Srinivas said on Monday. He also intimated the leak to UIDAI and Computer Emergency Response Team of India (CERT-In).

“The teams handling the websites of the government departments do not realise the importance of Aadhaar numbers. Other times, the leak happens inadvertently while uploading it for display on the CM’s dashboard,” Srinivas said.

On Saturday, the state government had shut down pages of three websites, including the AP Housing Corporation, after data of beneficiaries of several schemes appeared on the website. The Housing Corporation website showed details of 1.32 lakh beneficiaries like Aadhaar numbers, bank accounts, age, caste and religion, and geo-location which was collected during a comprehensive household survey that the TDP government ordered after the bifurcation in June 2014.

Details of nearly 70 lakh students, including those availing government scholarships and fee reimbursement benefits were also recently leaked. All these websites have now been shut down or certain columns have been disabled.

Kodali Srinivas also said that in two recent instances, Aadhaar details of about 89 lakh MNREGA beneficiaries were displayed on the website of AP Benefit Disbursement Department website.

AP CMO officials said that data is uploaded to maintain transparency, but sometimes personal information is inadvertently displayed.

IT Minister N Lokesh Naidu said that an operation has been initiated to secure the data and ensure that it does not happen again. “We have started the AP Cyber Security Operations Centre (Cyber SOC) to sanitise and monitor all the websites of the various government departments. All the departments are now submitting their website details and we are sanitising backend servers. Cyber SOC has taken over all the AP Government websites and we are doing an audit and inspection to find out how secure the data is, where it is stored and how to protect it better. It will take about a week to complete the operation,” Lokesh Naidu said.