A breach of the Unique Identification Authority of India’s Aadhaar biometric system is putting personally identifiable information (PII) of more than 1 billion Indian residents at risk, reports the Tribune, an Indian publication.
Attackers created a gateway to the biometric database, in which any Aadhaar user’s ID number can be entered into a portal, the Tribune reports. Once the number is entered, it will pull up the resident’s name, address, postal code, photo, phone number, and email address, according to the Tribune.
Cyberthieves are selling access to the portal for 500 rupees and are charging an additional 300 rupees for software that allows a victim’s Aadhaar card to be printed, according to the report.
Read more about the massive breach, which is being denied by the Unique Identification Authority of India even though Tribune reporters were able to make Aadhaar data purchases as part of their investigation, on DarkReading.