In 2017, at least 13 Aadhaar-related ‘data breaches’ were reported; security details of 3 million debit cards of 19 banks were compromised in 2016.
New Delhi: The Cambridge Analytica controversy is playing out at a time when India is already grappling with a data breach row related to the Aadhaar project, being implemented by the Unique Identification Authority of India (UIDAI).
Not only this, there have been many security breaches in the past few years in the fields of banking, e-commerce besides government records.
Law minister Ravi Shankar Prasad Wednesday threatened Facebook and its CEO Mark Zuckerberg of “stringent action” if the social media giant tried to interfere in elections through “undesirable” means, referring to the suspected data leak by Cambridge Analytica.
According to a report by ThePrint, a Cambridge Analytica team had made lengthy presentations to both the BJP and the Congress in 2017, probably eyeing a poll campaign deal for 2019.
ThePrint rewinds some past episodes of data breach.
The Aadhaar controversy
The 2016 Aadhaar Act tasked UIDAI with maintaining security and confidentiality of information. A recent report by The Tribune showed just how easy it was to get access to billions of Aadhaar details: it only took Rs 500, 10 minutes and an internet connection.
The UIDAI denied the breach of Aadhaar data and said that The Tribune was ‘misreporting’. The UIDAI also added that only the name and some other details were being exchanged while the biometric database remained fully secure.
But this is not the first time that Aadhaar information was compromised. In 2017 alone, at least 13 breaches were said to have taken place, including one where then cabinet minister Venkaiah Naidu had tweeted a picture of himself handling an over-sized replica of an Aadhaar card to a citizen with the Aadhaar number and other details enlarged in it. Naidu later deleted the tweet.
The Zomato breach
In May 2017, food delivery company Zomato reported that a data breach had taken place which compromised 17 million users’ email IDs and passwords. Zomato claimed that no payment-related data had been affected by the breach and remained secure.
In a security note to its customers, Zomato said, “But if you are paranoid about security like us, we encourage you to change your password for any other services where you are using the same password.”
Bank data leak
In one the biggest security breaches in the country, the debit cards of millions of Indians were put at risk in 2016. After complaints by some citizens that their card information was being used in the US and China, the National Payments Corp of India (NPCI) said that probably one of the payment switch provider systems was compromised. Most of the cards breached were Visa and MasterCard, while some were among the home-grown RuPay.
Around 3 million debit cards and 19 banks, including ICICI Bank, HDFC Bank and Axis Bank were hit and they all asked their customers to change their pins, while State Bank of India said it had blocked certain cards.
Tirupati temple complex
In May 2017, WannaCry a ransomware, affected almost 2 lakh machines globally through a weakness in the Windows software.
A ransomware is a malicious software that blocks the user from accessing their digital data unless a ransom is paid for the access.
One of the biggest security breaches in the world, WannaCry, even affected 10 computers in the Tirumala Tirupati Devasthanam temple complex in Andhra Pradesh, the ‘richest’ temple in the world. The malware also affected over a hundred computers of the Gujarat government.
Motor Vehicles Department, Kerala
Last year, the Motor Vehicles Department of the Kerala government faced a major data breach — 200 million records of vehicle registration numbers were stolen by an outsider, including addresses and phone numbers.
The department had digitised vehicle users’ records from 2010.
The cost of a data breach
When a company’s information is compromised, the cost incurred includes: loss of potential and existing customers, costs of investigative activities, audits, technological renovations and crisis management.
The Breach Level Index shows that 56 breaches happen every second and 3,549 breaches every hour in the world. According to a report by Cisco, there will be six million job openings in the IT field, especially in data security, by 2019.
According to a study by Ponemon Institute and IBM, India has the highest number of breaches in the world, though the cost of it is relatively low.
To make the country’s information more secure, the government rolled out the National Cyber Security Policy in 2013 and amended the IT Act in 2008 to cover cyber security.