1.2 billion data Aadhaar records were compromised in the first half of 2018, according to Breach Level Index, a global database of public data breaches, released by digital security platform Gemalto.
The Breach Level Index revealed that a total of 945 data breaches led to 4.5 billion data records being compromised worldwide during the period.
When compared to the corresponding period of 2017, the number of lost, stolen or compromised records increased by an alarming 133 percent. However, the total number of breaches decreased, which implies that the severity of each incident has increased.
The report pointed out that six social media breaches alone accounted for over 56 percent of the records that were compromised – the largest being the Cambridge Analytica-Facebook data breach.
The Aadhaar number, a 12-digit unique identifier assigned to every Indian citizen, can be used to retrieve personal information stored by the Unique Identification Authority of India (UIDAI) on any of India's 1.1 billion citizens including their name, address, photo, phone number and email address. The data security platform that releases the Breach Level Index has cited the report in The Tribune which suggested that an anonymous service allowed anyone who could pay Rs 500 to access any citizen's information.
What is the Breach Level Index and how does it work?
The Breach Level Index is a global database that tracks data breaches and measures their severity based on multiple parameters including:
- Number of records compromised
- Type of data
- Source of the breach
- How the data was used, and whether or not the data was encrypted
This way, the index compares the breaches and sets the severe ones aside from the non-serious ones.
What else does the report point out?
During the first six months of 2018, more than 25 million records were compromised or exposed every day globally, the report said. That is 291 records being compromised every second.
These records include information ranging from credit card numbers and financial transactions to medical records and personal identifiable information.
The report suggests that outsiders are the primary source of data breaches followed by accidental loss of records. Meanwhile, identity theft continues to be the leading type of data breach since 2013, when the index started tracking data breaches. In addition, the US makes for the majority of all breaches and the number of records compromised.
Gemalto, on September 18, withdrew its report which claimed that data breach incidences in India were the second highest globally on account of compromise in the Aadhaar database.
"Gemalto profusely regrets on its Breach Level Index Report 2018 and the subsequent press release issued in India on 15th October where it has by mistake taken into account an unverified news article about alleged Aadhaar data breach," the company said in a statement.
"...all concerned should take note of it that we have not been able to track any verified or substantiated data breach of Aadhaar database of UIDAI. As a result, Gemalto has withdrawn this alleged data from the Breach Level Index. Any inconvenience caused to UIDAI is deeply regretted," the statement said.Note: Gemalto withdrew the report later in the day. Click here to read the story.