Seqrite report: UIDAI says no breach of database, repository

NEW DELHI: The Aadhaar-issuing body UIDAI today said there has been no security breach of its database or central repository following a report by a security firm that a hacker had placed information of over 6,000 Indian entities up for sale.

"The supposed incident related to the claimed breach of information from IRINN (Indian Registry for Internet Names and Numbers) does not contain any confidential data of UIDAI and has not affected any services provided by the authority," the Unique Identification Authority of India (UIDAI) said in a statement.

It asserted that there has been no security breach of either its database or Central Identities Data Repository (CIDR).

Seqrite Cyber Intelligence Labs, a unit of BSE-listed Quick Heal Technologies, had yesterday said it tracked an advertisement that claims to have "secret access" to database dump of over 6,000 Indian entities, including government agencies and private organisations.

"As such these details are already present in the public domain and the information available on the Darknet doesn't provide any sensitive or confidential information and has no potential affect as such vis-a-vis the UIDAI," the authority added.

Terming its security controls and protocols as "robust", the authority said the system was capable of countering attempts or malicious designs of data breach or hacking.

"Security of Aadhaar is of critical importance to the Government and UIDAI has given it paramount significance," it said, adding that UIDAI continuously strengthens and reviews its infrastructure and ecosystems in line with the best international security practices and standards.