Millions of Aadhaaar numbers were leaked by Indane LPG. A French researcher, Alderson claimed that he found a major security lapse that allegedly exposed millions of Aadhaar numbers of dealers and distributors associated with Indane, an LPG brand owned by the Indian Oil Corporation.
Indane serves more than 90 million families through a network of 9100 distributors. It may be that Indane supposedly exposed a part of its database that contained consumers’ names, addresses, and Aadhaar numbers. However, IndianOil denies the allegations. Another reason could be a part of Indane website for dealers and distributors was left indexed in Google, allowing anyone to gain unlimited access to the consumers’ database, without any need to enter a username and password, a new research claims.
The potentially compromised details include names, addresses and the customers’ confidential Aadhaar numbers hidden in the link of each record. The estimated number of affected consumers is 6,791,200.
This page contains lots of informations such as -
- The hyperlink associated to the “Consumer No” contains a parameter called “aadhar_no”
- The “Consumer Name”
- The “Consumer Address”
- On the bottom right we have the “Total Records”
- In the url, there is a parameter called dealerID.
Indian Oil has strongly refuted reports that there has been any Aadhaar data leak through Indane Gas website. In a statement issued today, the PSU said, "Indian Oil in its software captures only the Aadhaar number which is required for LPG subsidy transfer. No other Aadhaar related details are captured by Indian Oil."
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
