Monday July 22, 2019

Data breach in India as Sri Lanka goes ahead with E-Nic surveillance

Jan 05, 2018 08:52 AM GMT+0530 | 3 Comment(s)


ECONOMYNEXT - An Indian newspaper has exposed another massive data breach in India's controversial Aardhar electronics citizens database as Sri Lanka goes ahead to build its own, which can be accessed by the defence secretary without a court order.

Sri Lanka is setting up a citizen's database where officials have asked for extensive information to build a databased of citizens without any privacy laws being place. Critics have said it lays the foundation for a 'big brother' police surveillance state.

Unlike India, where there was no identity card number, Sri Lanka already had a number which could be produced which was under the control of citizens to produce when required.

But the 'big brother' data base could be accessed by rulers without the citizen even knowing. Sri Lanka's Supreme Court is expected to hear petition from liberty activists later this month on the E-Nic surveillance database.

In Sri Lanka in addition to the individual, extended family data is also extracted by the department of registration, in the project initiated by the ousted Rajapaksa administration.

Critics have warned that in addition to rulers who want to track the activities of citizens surreptitiously, the E-NIC database could also be hacked just like they have been in other countries, especially India.

Chandigarh based The Tribune newspaper has exposed a major racket where anyone could pay 500 Indian rupees to an anonymous hacket and gain access to a billion citizen records.

"It took just Rs 500, paid through Paytm, and 10 minutes in which an “agent” of the group running the racket created a “gateway” for this correspondent and gave a login ID and password," the Tribune reported.

"Lo and behold, you could enter any Aadhaar number in the portal, and instantly get all particulars that an individual may have submitted to the UIDAI (Unique Identification Authority of India), including name, address, postal code (PIN), photo, phone number and email.

"What is more, The Tribune team paid another Rs 300, for which the agent provided “software” that could facilitate the printing of the Aadhaar card after entering the Aadhaar number of any individual."

Sri Lankan officials have also falsely claimed that the new E-Nic card could not be forged. But it is possible forge an electronic card as ATM and other card systems have shown. (Colombo/Jan05/2018)


Related Stories


  1. Huh January 06, 08:31 AM

    Mukesh,this article is about a security breach. No matter what it is, databases can br hacked. Also, Sri Lanka doesn't have modern day standards set up for privacy and security. Not everything is about leftist conspiracies. Some of these issues are real important.
    Even the U.S. got hacked (OPM HACK). So, as a small country, we should carefully plan about what we do.I definitely don't want anybody in the law enforcement to snoop on my records without a court order

  2. Mukesh January 05, 02:15 AM

    The aadhaar project which this article refers to is a grand success here in India. There are no loopholes as alleged by critics. Some leftist newspapers keep publishing negative stories of the project to malign its reputation.

  3. Zul January 05, 09:35 AM

    Sri Lanka should look up to Estonia and their e-id program, the implementation of a decentralized database on identity records. Recognizing the fact that it is essential to maintain records of citizens for a efficient public service, new technologies such as encryption and blockchain should be considered for projects of this scale.

Name *
Email *
Telephone Number