spot_img

HinduPost is the voice of Hindus. Support us. Protect Dharma

Will you help us hit our goal?

We’re aiming to add 2,500 contributions in the next 30 days, to help keep HinduPost free.

Give
spot_img
Hindu Post is the voice of Hindus. Support us. Protect Dharma
21.3 C
Sringeri
Saturday, May 4, 2024
type here...
Science & Technology

Raj govt fixes website bugs exposing residents’ sensitive Jan Aadhaar info

IANS
IANS
(Image Source : IANS)
(Image Source : IANS)

Rajasthan government has fixed security issues impacting its website related to Jan Aadhaar that exposed millions of residents’ personal information and sensitive documents.

Jan Aadhaar is a state programme that provides a single identifier to families and individuals in Rajasthan so that they can access the welfare schemes.

Aadhaar cards, birth and marriage certificates, electricity bills, income statements, and personal information, such as date of birth, gender and father’s name, were exposed by the bugs, TechCrunch reported.

The bugs were found by the cybersecurity company CloudDefense.ai security researcher Viktor Markopoulos in the Jan Aadhaar portal in December.

The bugs were resolved last week through an intervention by the Indian Computer Emergency Response Team, or CERT-In, the report mentioned.

“This is to inform you that we have received a response from the concerned authority that the reported vulnerability has been fixed,” the agency was quoted as saying.

According to the researcher, a bug allowed anyone to access personal documents and information if they knew the phone number of the registrant.

The other flaw was causing the server to improperly validate one-time passwords, which allowed sensitive data to be returned.

The state’s Jan Aadhaar portal, launched in 2019, clams that it has over 78 million individual registrants and 20 million families. The portal aims to provide “One Number, One Card, One Identity” to the residents of Rajasthan which can be used to access various state government welfare schemes.

Meanwhile, researchers have uncovered a highly-sophisticated cyber-espionage campaign, ‘Operation RusticWeb’, which the threat actors are using to target various personnel within the Indian government to steal confidential documents.

The campaign, first detected in October 2023, uses Rust-based malware and encrypted PowerShell commands, to exfiltrate confidential documents, according to Seqrite, the enterprise arm of global cybersecurity solutions provider, Quick Heal.

(This article has been published via a syndicated feed)

Subscribe to our channels on Telegram &  YouTube. Follow us on Twitter and Facebook

Liked It?
Support Hindupost

Related Articles

IANS
IANS

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles

Load more
Sign up to receive HinduPost content in your inbox
Select list(s):

We don’t spam! Read our privacy policy for more info.

HinduPost is a news, commentary and opinion digital media outlet that provides the correct perspective on issues concerning Hindu society.

Popular Tags

IslamismUttar PradeshAnti-HinduPersecution of HindusHindu DharmaPakistanCongressKeralaWest BengalBJP

Follow us

COPYRIGHT © HINDUPOST.IN

Thanks for Visiting Hindupost

Dear valued reader,
HinduPost.in has been your reliable source for news and perspectives vital to the Hindu community. We strive to amplify diverse voices and broaden understanding, but we can't do it alone. Keeping our platform free and high-quality requires resources. As a non-profit, we rely on reader contributions. Please consider donating to HinduPost.in. Any amount you give can make a real difference. It's simple - click on this button:
Support Us I'll Give Later
By supporting us, you invest in a platform dedicated to truth, understanding, and the voices of the Hindu community. Thank you for standing with us.