According to a report by security researcher Atul Nair, a part of the Indian government’s Pradhan Mantri Kisan Samman Nidhi website was revealing Aadhaar-associated detail of farmers’ who are benefitting under the scheme.
Pradhan Mantri Kisan Samman Nidhi, better known as PM-Kisan, is a government initiative that provides farmers in India with a minimum support income of Rs 6,000 per year. It uses farmers’ Aadhaar data for registration and further processes, such as direct benefit transfer (DBT). Aadhaar — which is a unique 12-digit number assigned to an Indian citizen as part of the country’s identity database — is often required for availing government services. The number is not secretive by nature, but unauthorised access could leave details like residential addresses, bank account details, and other important data exposed and prone to hacking.
Nair also said this bug could have enabled attackers to gathered all the data pertaining to the farmers in the scheme by writing a basic script leaving personal data of million of farmers exposed online. As of now, the Pradhan Mantri Kisan Samman Nidhi website has more than 11 crore farmers are registered on the platform. This means that attackers could have easily accessed personal data of over 110 million farmers.