<p>Just a few months before the 2019 general elections in February, Prime Minister Narendra Modi-led government launched the flagship Pradhan Mantri Kisan Samman Nidhi Yojana (aka PM Kisan scheme) to offer monetary benefits for farmers in the country.</p>.<p>Since the launch, more than 11 crore (110 million) citizens have enrolled with Aadhaar number ID on the PM Kisan website. </p>.<p>Now, it has come to light that the website had a security loophole and may have compromised the social security Aadhaar number of the farmers.</p>.<p>Due to a lack of proper authorization protocol in the PM-Kisan website, an endpoint connected to the user database was left vulnerable to attack from bad actors. Even those with knowledge of coding could have written a programme to scrape all the Aadhaar numbers, independent cyber security expert Atul Nair said on his blog.</p>.<p>PM-Kisan website has a dashboard that offers simple-to-understand information such as the number of farmers enrolled in the scheme and a breakdown of details including villages, districts, and states.</p>.<p>All eligible farmers get Rs 6,000 in three installments (Rs 2,000 once in four months) annually.</p>.<p>"My father is a farmer and he benefits from the PM Kisan Yojana. So while using the website, I saw the dashboard feature. Being a security researcher, I thought to check out the feature for security issues. There is no monetary benefit in it. I just wanted to make it secure, and CERT-In did a great job in responding and fixing the issue," Kannur-based Atul Nair told DH on how he came across the security loophole in the PM-Kisan website. </p>.<p>Nair earlier this year on January 29 promptly reported the security issue with CERT-In (Indian Computer Emergency Response Team). The latter responded with an acknowledgment of the issue on January 31. </p>.<p>In the following month, CERT-In gave an update that the aforementioned issue has been escalated to the concerned department and it was finally fixed in May.</p>.<p>So far, there are no reports of leakage of farmers' Aadhaar card details.</p>.<p><em>Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on <a href="https://www.deccanherald.com/tag/dh-tech?_ga=2.210580691.73733284.1595225125-1706599323.1592232366" target="_blank">DH Tech.</a></em> </p>
<p>Just a few months before the 2019 general elections in February, Prime Minister Narendra Modi-led government launched the flagship Pradhan Mantri Kisan Samman Nidhi Yojana (aka PM Kisan scheme) to offer monetary benefits for farmers in the country.</p>.<p>Since the launch, more than 11 crore (110 million) citizens have enrolled with Aadhaar number ID on the PM Kisan website. </p>.<p>Now, it has come to light that the website had a security loophole and may have compromised the social security Aadhaar number of the farmers.</p>.<p>Due to a lack of proper authorization protocol in the PM-Kisan website, an endpoint connected to the user database was left vulnerable to attack from bad actors. Even those with knowledge of coding could have written a programme to scrape all the Aadhaar numbers, independent cyber security expert Atul Nair said on his blog.</p>.<p>PM-Kisan website has a dashboard that offers simple-to-understand information such as the number of farmers enrolled in the scheme and a breakdown of details including villages, districts, and states.</p>.<p>All eligible farmers get Rs 6,000 in three installments (Rs 2,000 once in four months) annually.</p>.<p>"My father is a farmer and he benefits from the PM Kisan Yojana. So while using the website, I saw the dashboard feature. Being a security researcher, I thought to check out the feature for security issues. There is no monetary benefit in it. I just wanted to make it secure, and CERT-In did a great job in responding and fixing the issue," Kannur-based Atul Nair told DH on how he came across the security loophole in the PM-Kisan website. </p>.<p>Nair earlier this year on January 29 promptly reported the security issue with CERT-In (Indian Computer Emergency Response Team). The latter responded with an acknowledgment of the issue on January 31. </p>.<p>In the following month, CERT-In gave an update that the aforementioned issue has been escalated to the concerned department and it was finally fixed in May.</p>.<p>So far, there are no reports of leakage of farmers' Aadhaar card details.</p>.<p><em>Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on <a href="https://www.deccanherald.com/tag/dh-tech?_ga=2.210580691.73733284.1595225125-1706599323.1592232366" target="_blank">DH Tech.</a></em> </p>