Shooting the messenger? UIDAI files FIR against The Tribune over Aadhaar data leak exposé

A police complaint for exposing the Aadhaar data breach!

Two days after The Tribune exposed a national security breach as they gained access to the Aadhaar database in exchange for Rs 500, the Unique Identification Authority of India (UIDAI) filed a police case against the newspaper as well as the reporter Rachna Khaira. A First Information Report (FIR) was lodged with the Delhi Police Crime Branch Cyber Cell by the UIDAI deputy director on Saturday.

What was the expose about?

On January 4, The Tribune had carried a story in which it reported how the Aadhaar details of more than one billion users are at risk.  The Tribune purchased a service being offered by anonymous sellers over WhatsApp for just Rs 500 that provided unrestricted access to details for any of the more than 1 billion Aadhaar numbers created in India.  The payment was done through Paytm and the ‘agent’ created a ‘gateway’ by giving the reporter a login ID and password. After that, the reporter was able to get all the details of any individual, who was registered for Aadhaar. The reporting team paid another Rs 300 for a ‘software’ that enabled the printing of any citizen’s Aadhaar card with their numbers.

ALSO READ: Aadhaar, Right to Privacy and a whole lot more: Video perfectly sums up ‘privacy matters’

How did UIDAI respond to the data breach?

After the report came out, UIDAI’s Chandigarh regional office asked the newspaper whether it was at all possible for them to view or obtain fingerprints and iris scan of any person through the UIDAI portal. They also asked how many Aadhaar numbers they managed to obtain using the login IDs that they got from the agent.


UIDAI, later, said in a statement that there “has not been any Aadhaar data breach. The Aadhaar data, including biometric information, is fully safe and secure,” reports The Indian Express.


What prompted UIDAI to take action?

The UIDAI has called the exposé a ‘criminal conspiracy’. The FIR has been lodged under the Indian Penal Code (IPC) Sections 419 (punishment for cheating by impersonation), 420 (cheating), 468 (forgery) and 471 (using  a forged document as genuine), as well Section 66 of the IT Act and Section 36/37 of the Aadhaar Act.

Apart from The Tribune and the reporter Rachna Khaira, the FIR mentions Anil Kumar, Sunil Kumar, and Raj, all of whom were contacted by Khaira for the story.

ALSO READ: Aadhaar data leak yet again! Here are 7 previous instances when your security was breached

What are the reactions?

UIDAI ‘s FIR against The Tribune has sparked widespread reactions. Many are calling it a classic case of ‘shooting the messenger’ and have questioned why the authority isn’t serious about working on fixing its own loopholes.

Here are some of the reactions from many journalists: