Aadhaar Data Breach: Threats, Vulnerabilities, Legal and Ethical Issues, Consequences, Lessons Learned and Recommendations
Added on 2022-11-13
11 Pages2720 Words311 Views
Running head: CASE INVESTIGATION REPORT
Case Investigation Report
Name of the Student
Name of the University
Author Note
Case Investigation Report
Name of the Student
Name of the University
Author Note
CASE INVESTIGATION REPORT
1
Table of Contents
Introduction:....................................................................................................................................2
Threats, Vulnerabilities and Exploits analysis:...............................................................................2
Legal and Ethical issues analysis:....................................................................................................4
`Consequences of the Data Breach analysis:...................................................................................5
Lessons Learned:.............................................................................................................................6
Recommendation:............................................................................................................................7
Conclusion:......................................................................................................................................8
References:......................................................................................................................................9
1
Table of Contents
Introduction:....................................................................................................................................2
Threats, Vulnerabilities and Exploits analysis:...............................................................................2
Legal and Ethical issues analysis:....................................................................................................4
`Consequences of the Data Breach analysis:...................................................................................5
Lessons Learned:.............................................................................................................................6
Recommendation:............................................................................................................................7
Conclusion:......................................................................................................................................8
References:......................................................................................................................................9
CASE INVESTIGATION REPORT
2
Introduction:
Currently, the data breach is one of the most important issue in the aspect of information
security. Data breach is actually the unintentional or intentional release of some confidential or
the secured type of information within an untrusted type of environment (Sen and Borle 2015).
The definition of data breach also includes information leakage, data spill and leakage of data.
Common type of data breach includes disclosure of personal information that are sensitive in
nature. This type of information consists personal social media information, credit card numbers,
corporate information and healthcare histories. Basic reasons for which a data breach occurs are
the hacking activities, unauthorized type of access gain and accidentally sending some crucial
information to the wrong recipients.
In the context of data breach, one of the biggest data breach of the history was the
Aadhaar data breach which took place last year in India. Aadhaar is actually a 12 digit of random
numbers which are unique in nature for each of the persons of India. This is a unique way of
identification of the citizens of India. This includes both of the demographic information and
biometric information of the citizens of India which are highly sensitive data. But in the last year
these data were breached due to which more than 1 billion peoples were affected.
Threats, Vulnerabilities and Exploits analysis:
The data breach of the Aadhaar happened due to various of reasons which includes flaws
in the application itself and improper security at the official website of them. Thus properly
understanding the issues in the Aadhaar proper analysis of threats, vulnerabilities and exploits
are required in this case.
2
Introduction:
Currently, the data breach is one of the most important issue in the aspect of information
security. Data breach is actually the unintentional or intentional release of some confidential or
the secured type of information within an untrusted type of environment (Sen and Borle 2015).
The definition of data breach also includes information leakage, data spill and leakage of data.
Common type of data breach includes disclosure of personal information that are sensitive in
nature. This type of information consists personal social media information, credit card numbers,
corporate information and healthcare histories. Basic reasons for which a data breach occurs are
the hacking activities, unauthorized type of access gain and accidentally sending some crucial
information to the wrong recipients.
In the context of data breach, one of the biggest data breach of the history was the
Aadhaar data breach which took place last year in India. Aadhaar is actually a 12 digit of random
numbers which are unique in nature for each of the persons of India. This is a unique way of
identification of the citizens of India. This includes both of the demographic information and
biometric information of the citizens of India which are highly sensitive data. But in the last year
these data were breached due to which more than 1 billion peoples were affected.
Threats, Vulnerabilities and Exploits analysis:
The data breach of the Aadhaar happened due to various of reasons which includes flaws
in the application itself and improper security at the official website of them. Thus properly
understanding the issues in the Aadhaar proper analysis of threats, vulnerabilities and exploits
are required in this case.
CASE INVESTIGATION REPORT
3
Threats Analysis: In this context the main threats with this system was the third party
leaks. It has been assessed that there was various of third party leaks regarding the
demographic data of the individuals who were registered in the Aadhaar database (Pope
2018). One of the major cases due to which threats occurred in this system that leak of
infrastructure of the Aadhaar application. This leak was done by the CSC e-governance
Services India Ltd. In this leak they posted a picture with the machine that used for the
Aadhaar application along with the application screen open of the individuals. In this
screen bulk personal details were visible due to which threat occurred in the in the overall
system. Also, there are several of applications are there which claims that they provide
Aadhaar related services but actually all of these was fraud applications which was used
for collecting personal information of the users. It is also assessed that about 5000
officials were having Aadhaar portal access without any type of proper authorization
which was also a major threat for the Aadhaar related services. Vulnerability Analysis: In the detailed analysis it has been also assessed that the Aadhaar
program was having some vulnerability in their system which made major contribution in
this data breach case. The mAadhaar app of the Aadhaar program was some serious flaws
in it due to which the whole system becomes vulnerable. This application was available
in Google Play Store and from there it was analyzed by a French security researcher
(Tyagi, Rekha and Sreenath 2018). That security researcher showed the current flaws in
the application. It was very much guaranteed that the hackers used those flaws for to get
access to the Aadhaar database which will provide the demographic data of the users as
the process was simple for most of the hackers. A college graduate was also able to get
access to the database of the Aadhaar without any type of proper authorization. For this,
3
Threats Analysis: In this context the main threats with this system was the third party
leaks. It has been assessed that there was various of third party leaks regarding the
demographic data of the individuals who were registered in the Aadhaar database (Pope
2018). One of the major cases due to which threats occurred in this system that leak of
infrastructure of the Aadhaar application. This leak was done by the CSC e-governance
Services India Ltd. In this leak they posted a picture with the machine that used for the
Aadhaar application along with the application screen open of the individuals. In this
screen bulk personal details were visible due to which threat occurred in the in the overall
system. Also, there are several of applications are there which claims that they provide
Aadhaar related services but actually all of these was fraud applications which was used
for collecting personal information of the users. It is also assessed that about 5000
officials were having Aadhaar portal access without any type of proper authorization
which was also a major threat for the Aadhaar related services. Vulnerability Analysis: In the detailed analysis it has been also assessed that the Aadhaar
program was having some vulnerability in their system which made major contribution in
this data breach case. The mAadhaar app of the Aadhaar program was some serious flaws
in it due to which the whole system becomes vulnerable. This application was available
in Google Play Store and from there it was analyzed by a French security researcher
(Tyagi, Rekha and Sreenath 2018). That security researcher showed the current flaws in
the application. It was very much guaranteed that the hackers used those flaws for to get
access to the Aadhaar database which will provide the demographic data of the users as
the process was simple for most of the hackers. A college graduate was also able to get
access to the database of the Aadhaar without any type of proper authorization. For this,
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Mits Advanced Research Techniques Research Report 2022lg...
|6
|1197
|19
Facebook and Mark Zuckerberg Recent Case Studylg...
|6
|1131
|243
Information Assurance And Serviceslg...
|8
|1697
|18
Analysis of It Security And Managementlg...
|8
|832
|14
Summary of Attack | Computer and Network Securitylg...
|7
|1353
|29
Facebook and Mark Zuckerberg Case Studylg...
|7
|1480
|419