No breach of Aadhaar servers in IT Grids' case: UIDAI

PTI

Business, Companies

No illegal access was made to its CIDR and no data has been stolen from its servers, UIDAI said in a statement.

According to reports, IT Grids has been booked under the Aadhaar Act for data leak of around 7.82 crore residents.

New Delhi: The Unique Identification Authority of India (UIDAI) said Wednesday there is no evidence of breach of its servers in the recent case where private firm IT Grids (India) was accused of obtaining details of 7.82 crore Aadhaar holders in Andhra Pradesh and Telangana.

In a statement, UIDAI said that its Central Identities Data Repository (CIDR) and servers are completely safe and fully secure. No illegal access was made to its CIDR and no data has been stolen from its servers, UIDAI said in a statement.

"UIDAI has filed a complaint on the basis of a report from Special Investigation Team (SIT) of Telangana Police that IT Grids (India) Pvt. Ltd has allegedly obtained and stored Aadhaar numbers of large number of people in violation of the provisions of the Aadhaar Act.

"Nowhere in the report, the SIT has found any evidence to show that the Aadhaar number, name, address, etc., of the people have been obtained by stealing them from UIDAI servers," the statement said.

UIDAI clarified that service providers usually collect Aadhaar number and other details directly from individuals for providing services.

"They are required under the Aadhaar Act and Information Technology Act to use these sensitive information only for the purpose for which such information has been collected and are not allowed to share further without the consent of the Aadhaar holders.

"If they violate the provisions of Aadhaar Act in collection of Aadhaar numbers from people, their storage, usage, and sharing, they are liable to be prosecuted under the Aadhaar Act," UIDAI added.

The nodal authority for Aadhaar said that through the FIR, the police has been requested by UIDAI to investigate the purpose for which the Aadhaar numbers were collected from the people by IT Grids (India), stored and used (by the company), and whether any provisions of Aadhaar Act were violated in the process.

"The alleged incident has nothing to do with UIDAI's data and servers," the statement added.

Moreover, mere knowledge of someone's Aadhaar number does not put the Aadhaar holder at any risk as there is a layer of 'second factor authentication' including biometric or one time password.

According to reports, IT Grids has been booked under the Aadhaar Act for data leak of around 7.82 crore residents.

Read more...