India seeks hackers help to protect UIDAI Aadhaar Data of Citizens

Aadhaar is a unique identification number given to each citizen of India and is a replica of the social security number applicable to the American populace. The Indian government has assigned the duty to protect the Aadhaar data of its citizens to the Unique Identification Authority of India (UIDAI) which handles the implementation, association, and application of the number to every person among the Indian populace.

After sensing trouble through the internet in the name of state-funded cyberwarfare, the Aadhaar authority has invited applications from at least 20 hackers who can help protect its website and resources from state-funded hackers and individuals.

However, the selection process will be unique as the government organization wants applications from only those candidates who are listed in the top 100 of the bug bounty leaders’ board such as Bugcrowd and HackerOne. Those associated with tech companies like Microsoft, Google, and Facebook and who received a bounty in the last year will be given additional preference after careful evaluation.

The call for hackers has been made in the wake of some allegations surfacing in the Chinese media about Indian hackers trying to hack the critical infrastructure of Pakistan using Chinese source codes. China warned of a cyber-war in near time in retaliation for such activities, that in reality did not take place.

UIDAI authorities fear that a state-funded hacking group could infiltrate the IT infrastructure of the database holding citizenship ID given to Indians through which it can later source other details such as bank account numbers, property details, movable and immovable property info, PAN details, and government subsidies availed by the Indian citizens.

An independent committee has been appointed to verify the candidate’s background and achievements and past bug hunting record as they will handle sensitive databases.

Cyber Swachhta Kendra, which keeps a tab on malicious activities targeting government infrastructure, stated that the ‘probables’ will be asked to sign a Non-Disclosure Agreement (NDA) and need to follow stipulations framed by UIDAI while in the project.

NOTE- In September 2021, Recorded Future Inc, a cybersecurity firm from Massachusetts stated that a Chinese state-sponsored hacking group infiltrated the database of UIDAI to access and siphon private biometric info of over 1 billion citizens. However, the agency denied these allegations and assured that the data of all the Indian Citizens was safe.


Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display