The government on Thursday said that it has taken action to protect citizens’ data and has blocked those websites that were exposing Aadhaar and PAN details.

These websites were exposing sensitive personally identifiable information including the Aadhaar and PAN Card details of Indian citizens. According to sources in the Ministry of Electronics and Information Technology (MeitY), these websites include the following: https://indianaerospaceandengineering.com; https://thestarkidz.com; and https://www.asianbariatrics.com.

“The development comes after a senior MeitY official noticed that some X users were posting that a simple Google search — “index of Aadhaar card” — returned results listing websites that were hosting citizens’ Aadhaar and PAN details. He took cognizance of the matter and immediately asked officials to take action,” a government source told businessline.

According to posts on X, one could simply click on these websites to access complete details of citizens’ Aadhaar and PAN. They were even exposing Aadhaar details of children, along with their photographs.

“It has come to the notice of the MeitY that some websites were exposing sensitive personal identifiable information including Aadhaar and PAN Card details of Indian citizens. This has been taken up seriously as the government accords the highest priority to safe cybersecurity practices and the protection of personal data. In line with this, prompt action has been taken to block these websites,” MeitY said.

Security flaws

The Unique Identification Authority of India (UIDAI) has lodged a complaint with the police authorities concerned for violation of the prohibition under section 29(4) of the Aadhaar (targeted delivery of financial and other subsidies, benefits and services) Act, 2016 on public display of Aadhaar information, it said.

“The analysis of these websites by the Indian Computer Emergency Response Team (CERT-In) has shown some security flaws in these websites. The concerned website owners have been provided guidance about the actions to be taken at their end for hardening the ICT infrastructures and fixing the vulnerabilities,” MeitY noted.

Recently, Star Health has also taken legal action against instant messaging platform, Telegram and a hacker who allegedly leaked sensitive customer data through chatbots. A court in Tamil Nadu has issued a temporary injunction ordering Telegram and the hacker to block any chatbots or websites in India that are distributing the leaked data.

End