French cybersecurity researcher Robert Baptiste, who goes by the online handle Elliot Alderson, claims he has uncovered a security lapse in India's Aadhaar system which exposed sensitive information of millions of Indian Oil customers. The state-owned corporation markets its cooking gas under its Indane brand.
Exclusive: A new security lapse has exposed over 5.8 million Aadhaar numbers. https://t.co/DgLAcCx6Nx— TechCrunch (@TechCrunch) February 19, 2019
"I wrote the python script. By running this script, it gives us 11062 valid dealer ids. After more than 1 day, my script tested 9,490 dealers and found that a total of 5,826,116 Indane customers are affected by this leak," he wrote.
He said that he could have gotten more customer records but his IP was blocked by Indane.
"Unfortunately, Indane probably blocked my IP, so I didn't test the remaining 1,572 dealers. By doing some basic math we can estimate the final number of affected customers around 6,791,200," Alderson added.
Officials from UIDAI and Indane were not available for comment.