Rajasthan Government Fixes Security Bugs In Jan Aadhaar Portal After Sensitive Data Exposure

The Rajasthan government has fixed the security bugs affecting its website, which previously exposed sensitive documents and personal information belonging to millions of residents.

The bugs were present on the Rajasthan government website associated with Jan Aadhaar, a state initiative aimed at offering a unique identifier to families and individuals for accessing welfare programmes.

These vulnerabilities exposed copies of Aadhaar cards, birth and marriage certificates, electricity bills, and income statements linked to registrants. Additionally, personal details such as date of birth, gender, and father’s name were also compromised.

In December, security researcher Viktor Markopoulos, working with cybersecurity firm CloudDefense.ai, discovered vulnerabilities in the portal. Seeking assistance in responsibly disclosing these issues to the authorities, Markopoulos reached out to the tech news portal, TechCrunch.

Last week, the Indian Computer Emergency Response Team, also known as CERT-In, intervened to address and resolve the identified bugs.

Introduced in 2019, the Jan Aadhaar portal provides a swift avenue for accessing benefits under the state government's welfare programmes. The portal encompasses a database comprising over 7.8 crore individuals and 2 crore families within the state of Rajasthan.