Search

Aadhaar Data of Farmers Exposed by Government's PM Kisan Website, Security Researcher Reports

Concerned authorities took months to fix the reported issue exposing the Aadhaar numbers of the registered farmers.

Advertisement
Highlights
  • PM Kisan website was exposing the data from one its parts
  • The researcher reached out to CERT-In in January
  • Aadhaar data exposure was fixed in late May
Aadhaar Data of Farmers Exposed by Government's PM Kisan Website, Security Researcher Reports

It is unclear whether an attacker was able to breach the exposed data until the website was fixed

Photo Credit: Unsplash/ Markus Spiske

Aadhaar data of a large number of farmers was leaked by a government website designed for the welfare of the agriculture sector in India, a security researcher has reported. The website, called PM Kisan, allows the government to distribute grants to farmers under the Pradhan Mantri Kisan Samman Nidhi programme. However, due to an issue, one of its parts was publicly exposing Aadhaar numbers of enrolled farmers. The website has registered over 110 million farmers since its launch in 2019.

Security researcher Atul Nair said in a post on Medium that a part of the PM Kisan website was leaking the Aadhaar number of its registered farmers.

"The website provides an endpoint, which returns information about the beneficiary. This endpoint was also sending Aadhaar numbers," Nair told Gadgets 360.

The issue was first spotted by the researcher in late January and was reported by India's Computer Emergency Response Team (CERT-In). Shortly after receiving the report, the nodal agency forwarded the details to the concerned authorities. They, however, apparently took some months to fix the exposure.

Nair wrote in his post that the issue was fixed in late May. He told Gadgets 360 that he had confirmed that the issue was no longer reproducible.

However, it is not confirmed whether an attacker was able to breach the data until it got fixed.

CERT-In appreciated the researcher for reporting the issue, though it did not explicitly confirm the fix or whether the data was not breached.

Gadgets 360 reached out to the National Informatics Centre (NIC) — the developer and maintainer of the PM Kisan website, and an official has confirmed the fix.

"Upon receipt of the vulnerability, the PMKisan team undertook necessary action to fix the vulnerability," the NIC official said. However, she did not confirm whether the exposed data was not breached by an attacker until the vulnerability got fixed.

Aadhaar numbers of individuals in the country are not of confidential nature, per the Unique Identification Authority of India (UIDAI) — the statutory authority that is mandated to issue the 12-digit uniquely identified numbers. Nevertheless, it does restrict users from sharing Aadhaar cards on public platforms.

This is notably not the first time when the Aadhaar data of individuals was exposed by a government website. In 2019, the Jharkhand government reportedly exposed the unique identification numbers of its thousands of workers.

A few days later, state-owned liquid petroleum gas (LPG) manufacturer Indane had also allegedly exposed Aadhaar details of millions of its consumers.


Missed Apple's WWDC 2022? We discuss every major announcement on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

 
Show Full Article
Please wait...
Advertisement

Related Stories

Popular Mobile Brands
  1. Vivo X200 FE Global Launch Confirmed; Design Teased
  2. Vivo Y400 Pro 5G India Launch Date Confirmed; Design Revealed
  3. Poco F7 Launch Date, Price in India, Design and Key Features Leaked Online
  4. Hisense U7Q Mini-LED TV Launched in India With These Features
  5. Tecno Pova 7 5G Series Confirmed to Launch in India Soon
  6. Vivo T4 Lite 5G to Launch in India Soon; Battery Capacity Revealed
  7. Oppo Reno 14 5G Series, Watch X2 Mini, Enco Buds 3, Pad SE to Launch Globally
  8. Oppo K13x 5G India Launch Date, Price Range and Key Features Revealed
  1. Bitget Partners UNICEF Unit to Expand Blockchain Training Across India, Other Countries 
  2. WhatsApp Reportedly Working on Ability to Scan Documents on Android Smartphones
  3. ElevenLabs Expands Eleven V3 Text-to-Speech Model With Support for 41 New Languages
  4. Vivo T4 Lite 5G India Launch Confirmed; Battery Capacity, Price Range Teased
  5. TikTok Pushes Deeper Into AI-Generated Video Ads With New Tools
  6. Apple Risks Fresh EU Charge Sheet Over App Store Curbs
  7. The Witcher 4 Will Target 60 FPS on Consoles, but Series S Will Be 'Extremely Challenging' Says CD Projekt Red
  8. Oppo Reno 14 5G Series Global Launch Teased Alongside Watch X2 Mini, Enco Buds 3 and Pad SE
  9. Microsoft Begins Testing AI Agents in Windows 11, Brings Option to Share Recall Snapshots in Europe
  10. watchOS 26 to Bring Control Center Customisation Options with User-Defined Toggles
Gadgets 360 is available in
Download Our Apps
App Store App Store
Available in Hindi
App Store
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.
Trending Products »
Latest Tech News »