1. Home
  2. Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

Bengaluru: 31-yr-old techie arrested for accessing Aadhaar data

coastaldigest.com news network
August 4, 2017

Bengaluru, Aug 4: Bengaluru city police has arrested a young techie on the charge of accessing Aadhaar data following a complaint filed by the Unique Identification Authority of India (UIDAI) last week.

The arrested is Abhinav Srivastav, 31, an IIT-Kharagpur graduate, who is currently employed by ANI Technologies, which owns the Ola brand, as a software development engineer. He has been accused of accessing Aadhaar information in January 2017 through an app named ‘Aadhaar e-KYC’, which was available on the Google Play store till recently.

Police said Srivastav had developed five apps and made ₹40,000 from advertisements displayed on them. Police are now scanning all his apps to see whether more violations were committed. The Aadhaar e-KYC app was downloaded over 50,000 times from the Google Play store since its launch in January, the police said.

City Police Commissioner T. Suneel Kumar said that based on the complaint, six teams of police comprising 26 personnel were formed to nab Srivastav and they tracked him down to Koramangala after a week. He has been accused of using the services of another app, ‘e-hospital’, which is listed as an authenticated user agency (AUA) authorised to access UIDAI data.

A senior police officer said there were around 400 entities that have been authorised to access the data for authentication. Srivastav’s company was not among those authorised.

A native of Kanpur, Srivastav completed his M.Sc. in Industrial Chemistry from IIT-Kharagpur and joined a private firm in 2010 as a security researcher. He launched Qarth technologies in 2012 and shut it down in 2016 owing to financial reasons. In March 2016, Ola announced that it had acquired Qarth and its mobile payments product, X-Pay. Srivastav then joined another private firm before joining ANI Technologies last year.

Investigation revealed that the e-hospital company is not aware of his activities. However, further probe is on to ascertain the facts.

The ability of a software engineer to bypass strict protocols set in place by the UIDAI to access critical data puts the spotlight firmly on the security measures employed to protect Aadhaar data.

Police investigation have revealed that Srivastav had piggy-backed on the infrastructure of another app for hacking the data base.

“Aadhaar related information, legally housed by the National Informatics Centre server, was illegally and without authorisation accessed and used to support this mobile application,” said the police statement.

Srivastav, in order to give his ‘Aadhaar e-KYC’ app an air of authenticity, hacked into the server of the NIC, which houses the e-hospital system, which is a solution for government hospitals to handle patient care and other services, including medical records management.

As part of its regulations, the UIDAI accords certain agencies the title of an AUA, which can then provide Aadhaar-enabled services to the cardholder. For authentication, these agencies have to connect to the Central Identities Data Repository (CIDR) through the services of a Authentication Service Agency (ASA). ASAs are bound by regulations that stipulate encryption of data and logging of access.

The 'e-hospital’ platform had access as a registered AUA. Srivastav used this server to route his app requests for data access and managed to steal the data, the police said.

Question raised

In 2016, a paper titled ‘Privacy and Security of Aadhaar: A Computer Science Perspective’ by the Computer Science and Engineering Department of IIT-Delhi raised the question of leakage of Aadhaar number from an AUA.

The paper, which also discusses several other possible threat scenarios, said, “This, however, does not fully mitigate the risks and the possibility of leakage of the Aadhaar number from an AUA, either from the database, or during “Know Your Customer” (KYC) processes, or even during availing services, cannot be ruled out. In particular, there appear to be no safeguards or even guidelines, either technical or legal, on how the Aadhaar number should be maintained and used by various AUAs in a cryptographically secure way, and how to prevent the Aadhaar number of an individual from becoming public.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 30,2025

airportmetro.jpg

Udupi: The pontiffs of Sri Paryaya Puttige Mutt, the sacred seat of Jagadguru Shrimad Madhvacharya Moola Samsthanam, have submitted a proposal to the Prime Minister seeking comprehensive development for Udupi district. 

Proposal for International Airport

A key request is the establishment of an international airport. Highlighting that around 1,000 acres of land are available and suitable, the pontiffs noted that the existing Mangalore Airport provides limited international connectivity. They suggested the airport be developed under a Public-Private Partnership (PPP) or as a Greenfield Airport to boost trade, education, healthcare, and spiritual tourism.

Metro and Rapid Transit Connectivity

The proposal also calls for Metro Rail or Rapid Transit between Mangaluru and Udupi. The 55 km coastal stretch experiences heavy daily commuter traffic, causing congestion. The district administration is ready to prepare an initial project report for a Mass Rapid Transit corridor and requested inclusion under national urban mobility programmes to ensure safe, green, and time-efficient regional transport.

Port and Coastal Development

The pontiffs urged the development of an international-standard port with a cruise terminal along Udupi’s coast. They also requested fast-tracking of pending coastal tourism projects and revising Coastal Regulation Zone (CRZ) norms to encourage sustainable infrastructure and hospitality investment.

IT, AI and Technological Infrastructure

Support was sought for an IT and AI Innovation Park with incubation facilities under Digital India and Startup India initiatives. The proposal also emphasized the need for strengthened data security and cloud computing infrastructure to boost India’s technological independence.

Sports and Education Initiatives

The pontiffs requested national sports status for Kambala, along with financial and infrastructure support. They also sought the establishment of an AIIMS in Udupi, a new IIT campus, and approval for an IIM to promote higher education in the district.

Representation to the Prime Minister

Sri Sugunendra Tirtha Pontiff and Sri Sushrendra Tirtha Swamiji represented the pontiffs in submitting the comprehensive development proposal to the Prime Minister during his recent visit.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
November 26,2025

Mangaluru, Nov 26: Mangaluru East police have registered a case following a sophisticated online fraud where a 57-year-old local resident was allegedly cheated out of ₹13.4 lakh after being targeted on Facebook.

The scam began in February when the complainant, while browsing Facebook reels, was contacted by a woman identifying herself as "Lillian Mary George" from London. After establishing a chat relationship, the woman claimed she would visit India in November and bring a significant sum of money.

The trap was sprung on November 15, when the victim received a call from a woman named "Sonali Gupta," who claimed Lillian had arrived at Mumbai International Airport but was detained by customs. The fraudsters convinced the man that Lillian was carrying £25,000 (about ₹26 lakh) in traveller’s cheques and 1 kg of gold (valued at around ₹30 lakh).

Under the pretense of clearing these items, the victim was asked to make numerous online transfers between November 15 and 18 for various bogus charges, including:

•    "Pounds exchange registration"
•    "Customs declaration issues"
•    "Discount charges"
•    "Money-laundering charges"

Believing the fictitious story, the complainant transferred the cumulative sum of ₹13.4 lakh to various bank accounts provided by the fraudsters. He realised he was cheated when the culprits later promised a refund within two days but stopped answering his calls. The Mangaluru East police are now investigating the case, which highlights the continuing threat of transnational cyber fraud using social engineering and promises of fictitious wealth.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
December 5,2025

indigoCEO.jpg

New Delhi, Dec 5: IndiGo CEO Pieter Elbers issued a public apology this evening after more than a thousand flights were cancelled today, making it the "most severely impacted day" in terms of cancellations. The biggest airline of the country cancelled "more than half" of its daily number of flights on Friday, said Elbers. He also said that even though the crisis will persist on Saturday, the airline anticipates fewer than 1,000 flight cancellations.

"Full normalisation is expected between December 10 and 15, though IndiGo cautions that recovery will take time due to the scale of operations," the IndiGo CEO said. 

IndiGo operates around 2,300 domestic and international flights daily.

Pieter Elbers, while apologising for the major inconvenience due to delays and cancellations, said the situation is a result of various causes.

The crisis at IndiGo stems from new regulations that boost pilots' weekly rest requirements by 12 hours to 48 and allow only two night-time landings per week, down from six. IndiGo has attributed the mass cancellations to "misjudgment and planning gaps".

Elbers also listed three lines of action that the airline will adopt to address the issue.

"Firstly, customer communication and addressing your needs, for this, messages have been sent on social media. And just now, a more detailed communication with information, refunds, cancellations and other customer support measures was sent," he said.

The airline has also stepped up its call centre capacity.

"Secondly, due to yesterday's situation, we had customers stranded mostly at the nation's largest airports. Our focus was for all of them to be able to travel today itself, which will be achieved. For this, we also ask customers whose flights are cancelled not to come to the airports as notifications are sent," the CEO said.

"Thirdly, cancellations were made for today to align our crew and planes to be where they need to start tomorrow morning afresh. Earlier measures of the last few days, regrettable, have proven not to be enough, but we have decided today to reboot all our systems and schedules, resulting in the highest numbers of cancellations so far, but imperative for progressive improvements starting from tomorrow," he added.

As airports witnessed chaotic scenes, the Directorate General of Civil Aviation (DGCA) stepped in to grant IndiGo a temporary exemption from stricter night duty rules for pilots. It also allowed substitution of leaves with a weekly rest period. 

Civil Aviation Minister Ram Mohan Naidu has said a high-level inquiry will be ordered and accountability will be fixed.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.