- The failure of the Indian government’s data handling practices exposed sensitive citizen information over a long period of time
- Search engines indexed this leaked information, making it easily accessible to anyone on the internet
- This breach leaves citizens vulnerable to the potential for identity theft, fraud, medical privacy breaches, and discrimination
- This incident underscores the need for the Indian government to overhaul its data security systems and take stricter measures to prevent future leaks
For years, critical personal information of citizens has been publicly accessible on the Indian government’s cloud platform. The scandal came to light after hundreds of documents containing sensitive data such as Aadhaar numbers, COVID-19 vaccination records, and passport details were leaked online.
Here’s all we know about the issue…
S3WaaS cloud service was identified as the source of the India leak
The source of the leak was identified as S3WaaS, a cloud service used to host government websites. A bug discovered in 2022 accidentally caused private documents to become publicly available. When the documents became public, search engines indexed the sensitive information, making it easy to find online.
When news of the leak broke, authorities acknowledged the problem and removed links to the leaked files from public search engines. However, investigators have found evidence that the leak is still ongoing, and urgent action is needed to secure the remaining data.
Experts point out stricter security measures are needed to protect critically sensitive information. There is concern that the leak could lead to risks such as identity theft and fraud, as well as breaches of medical privacy and discrimination.
The incident highlights the urgent need to reform the government’s data security practices. Steps must be taken to protect citizens’ personal information and prevent similar scandals from occurring again.
Featured image credit: Naveed Ahmed / Unsplash