Home
News Shots
Trending
Menu
×
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT
Hometechnology

PM-Kisan website security vulnerability risked 11 crore farmers' Aadhaar IDs

CERT-In responded promptly to Atul Nair's alert on PM-Kisan website's security loophole and fixed it in May
ohit KVN
Rohit KVN
Last Updated : 14 June 2022, 12:39 IST
Last Updated : 14 June 2022, 12:39 IST
DH Web Desk
Last Updated : 14 June 2022, 12:39 IST
Last Updated : 14 June 2022, 12:39 IST

Follow Us :

Comments

Just a few months before the 2019 general elections in February, Prime Minister Narendra Modi-led government launched the flagship Pradhan Mantri Kisan Samman Nidhi Yojana (aka PM Kisan scheme) to offer monetary benefits for farmers in the country.

Since the launch, more than 11 crore (110 million) citizens have enrolled with Aadhaar number ID on the PM Kisan website.

Now, it has come to light that the website had a security loophole and may have compromised the social security Aadhaar number of the farmers.

Due to a lack of proper authorization protocol in the PM-Kisan website, an endpoint connected to the user database was left vulnerable to attack from bad actors. Even those with knowledge of coding could have written a programme to scrape all the Aadhaar numbers, independent cyber security expert Atul Nair said on his blog.

PM-Kisan website has a dashboard that offers simple-to-understand information such as the number of farmers enrolled in the scheme and a breakdown of details including villages, districts, and states.

PM-Kisan website (screen-grab)
PM-Kisan website (screen-grab)

All eligible farmers get Rs 6,000 in three installments (Rs 2,000 once in four months) annually.

"My father is a farmer and he benefits from the PM Kisan Yojana. So while using the website, I saw the dashboard feature. Being a security researcher, I thought to check out the feature for security issues. There is no monetary benefit in it. I just wanted to make it secure, and CERT-In did a great job in responding and fixing the issue," Kannur-based Atul Nair told DH on how he came across the security loophole in the PM-Kisan website.

Nair earlier this year on January 29 promptly reported the security issue with CERT-In (Indian Computer Emergency Response Team). The latter responded with an acknowledgment of the issue on January 31.

In the following month, CERT-In gave an update that the aforementioned issue has been escalated to the concerned department and it was finally fixed in May.

So far, there are no reports of leakage of farmers' Aadhaar card details.

Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on DH Tech.

ADVERTISEMENT
Published 14 June 2022, 11:20 IST
Technology NewsDH TechAadhaarPM-KISAN SchemePradhan Mantri Kisan Samman Nidhi Yojana

Follow us on :

Follow Us

ADVERTISEMENT
ADVERTISEMENT