UIDAI files FIR against The Tribune, reporter Rachna Khaira for Aadhaar data breach 

UIDAI files FIR against The Tribune, reporter Rachna Khaira for Aadhaar data breach After a 3 January news report by The Tribune claimed a breach in Aadhaar data, the Unique Identification Authority of India (UIDAI) has registered an FIR against the news daily and journalist Rachna Khaira, reports said on Sunday. The Tribune report had claimed that it took just Rs 500 and 10 minutes for the newspaper to get an access through an “agent” to every detail of any individual submitted to the UIDAI, including name, address, postal code (PIN), photo, phone number and email. According to The Indian Express report, an unnamed deputy director has filed an FIR under Indian Penal Code Sections 419 (punishment for cheating by impersonation), 420 (cheating), 468 (forgery) and 471 (using as genuine a forged document) against the accused. Section 66 of the IT Act and Section 36/37 of the Aadhaar Act have also been applied against the accused. The FIR has also named Anil Kumar, Sunil Kumar, and Raj, three people who were supposedly contacted for the story by Khira. The Chandigarh-based publication has not yet reacted to the UIDAI registering an FIR for publishing the report, The Indian Express reported. The newspaper, The Tribune, had reported that it received an offer to buy access into the Aadhaar database for Rs. 500, and that its journalist was given login details to access the data. The journalist tried to key in an individual’s Aadhaar number and was able to see the demographic details of the person concerned, the newspaper had claimed. The newspaper which had reported on misuse of the facility, The Tribune, confirmed on its website on Sunday that a police case had been filed. The Unique Identification Authority of India, or UIDAI, had denied that there had been a breach of its biometric database but conceded the facility to access demographic details of individuals provided to designated persons to redress grievances had been misused. It also stressed that biometric details – fingerprints of the enrolled individuals and their Iris scan – had not been accessed. UIDAI had filed the case because unauthorized access was a criminal offence under the law. “Everything else is matter of investigation,” he added.According to the authority, sensitive Aadhaar information was protected by strong cryptography that UIDAI officials say would take “millions of computers and billions of years to decrypt the data”.]]>