Critical Vulnerability on Indian State Government Website Leaks PII of Residents

Rajasthan Local Voter Getty
An Indian state government has fixed security issues impacting its website that exposed the sensitive documents and personal information of millions of residents. The bugs existed on the Rajasthan government website related to Jan Aadhaar, a state program to provide a single identifier to families and individuals in the state to access welfare schemes. One of the bugs allowed anyone to access personal documents and information with knowledge of a registrant’s phone number. The state’s Jan Aadhaar portal, which launched in 2019, says it has more than 78 million individual registrants and 20 million families. The portal aims to offer “One Number, One Card, One Identity” to residents in the northern state of Rajasthan for accessing state government welfare schemes.