PF data 'stolen' from Aadhaar seeding link

The Telegraph
May 03, 2018

Hackers appear to have stolen data from the Employees Provident Fund Organisation (EPFO), which manages over Rs 8.5 lakh crore in pension funds, by burrowing through an Aadhaar seeding platform.

The EPFO tried to play down the seriousness of the data hack by suggesting that the data busters hadn't managed to break into its servers but had exploited certain vulnerabilities in a gateway which is managed by CSC E-Governance Services Ltd, the Aadhaar seeding platform.

The web portal that was hacked allowed EPFO field offices and CSC centres to seed Aadhaar with the Provident Fund's universal account number (UAN) allocated to employees. Seeding is the process by which Aadhaar numbers are included in the service delivery database of service providers.

The EPFO said it had shut down the website on March 22 and asked CSC to secure the confidential data of employees and plug vulnerabilities.

On Wednesday night, the EPFO was allowing its members to access their accounts and download their passbooks.

CSC E-Governance Services is a special purpose vehicle set up by the electronics and information technology ministry.

In a letter dated March 23, 2018, marked "secret" and sent to Dinesh Tyagi, chief executive officer of CSC E-Governance Services, the EPFO said it had been informed by the Intelligence Bureau that its data "has been stolen by hackers, exploiting vulnerabilities".

The leak of the letter sent the EPFO scrambling to quell fears among its subscribers numbering millions that their personal data and the amounts residing in their accounts would now become public knowledge.

The EPFO said: "Warnings regarding vulnerabilities in data or software are a routine administrative process, based on which the services which were rendered through CSC have been discontinued with effect from March 22, 2018."

The statement went on to claim that "no confirmed data leakage has been established or observed so far... as such there is nothing to be concerned... EPFO has taken all necessary precautions and measures."

The EPFO is just one of many government departments that uses CSC's platform for Aadhaar-seeding various services. In February this year, the Unique Identification Authority of India (UIDAI) terminated its relationship with CSC, citing corruption and violations in the Aadhaar-enrolment centres run by the company.

Sources said they felt that the hackers might have harvested some Aadhaar numbers and the details that go with it.

Till now, the EPFO has linked some 34.5 million out of some 47 million active PF accounts with Aadhaar identities. However, officials said that EPFO-linked Aadhaar accounts were maintained on a separate server which had not been compromised.

Comments

Post a Comment

Popular posts from this blog

ED tracks Swiss Bank A/Cs of Agusta scamster

The Poineer February 10,2019 Rakesh K Singh The Enforcement Directorate (ED) has tracked a dozen Swiss bank accounts in the name of Rajiv Saxena, who is key accused in the Rs 3,600 crore AgustaWestland VVIP chopper scam. The ED has also found out accounts held by  his family members and associates where the kickbacks in the now scrapped deal were allegedly parked. Two bank accounts are in the name of Rajiv Saxena’s  associates Pankaj Jain and Sumita Jain who are also the authorised signatories. The  third is in the name of another associate Ajit Singh Bubber, but Rajiv and his family members are authorised signatories. The remaining nine accounts are largely owned and operated by Rajiv, his family members and associates. Rajiv Saxena was deported by the UAE authorities on January 30 and the ED formally arrested him the next day and a court later granted his remand to the agency. He is currently undergoing custodial interrogation by the ED. The agency had in 2017 arrested his
Read more

J&K Cricket Board Scam: Chargesheet Filed Against Farooq Abdullah, 3 Others By CBI

OUTLOOK July 16, 2018 The agency has levelled charges of criminal conspiracy and criminal breach of trust under the Ranbir Penal Code against Abdullah and three others. The CBI on Monday filed a chargesheet against former Jammu and Kashmir chief minister Farooq Abdullah and three others in a special court in Srinagar in connection with alleged irregularities and misappropriation of funds in the Jammu and Kashmir Cricket Association. After the fall of the Peoples Democratic Party (PDP) and the BJP government, this is the biggest development that has taken place in the state. The National Conference has not reacted to the chargesheet so far. The agency has levelled charges of criminal conspiracy and criminal breach of trust under the Ranbir Penal Code against Abdullah, the then president of JKCA, Md Saleem Khan - the then general secretary, Ahsan Ahmad Mirza - the then treasuer and Bashir Ahmad Misgar, an executive in the J&K Bank. The BCCI gave Rs 112 crore t
Read more

As financial insecurity rises in urban India, so does investment in insurance

Image
Scroll.in March 13, 2020 Urban Indians are becoming less confident about their financial security. Up to 58% of them fret over financial independence post retirement, which is a 4% increase from last year. An equal share of urban Indians worry about meeting their daily medical expenses and sustaining their current lifestyle once they stop working. The findings are part of a survey published by Delhi-based Max Life Insurance in association with London-based consultancy Kantar. The firms surveyed 7,014 respondents in 25 cities, including six metros, nine tier-1 cities, and 10 tier-2 cities, between December 2019 and January 2020. Source: Max Life Insurance via Quartz The trends Source: Max Life Insurance via Quartz Source: Max Life Insurance via Quartz Source: Max Life Insurance via Quartz A significant share of urban Indians also say their families will have no financial support in the event of the breadwinner’s death. In such a scenario, around 57% believe the family sav
Read more