Security fail

17 Nov 2017
There has been the spread of the linking of the patient identity cards of HIV positive patients, pushed for by the National Aids Control Organisation. While it is not compulsory, in November 2017 it was reported that some patients reported that they were denied treatment until they gave their
23 Mar 2018
In March 2018, a security researcher discovered that the state-owned utility company Indane had access to the Aadhaar database via an API, but they did not secure this way of entry. As a result, anybody was able to use this service to access details on the Aadhaar database about any Aadhaar number
16 Dec 2017
In December 2017, it was revealed that the large telco Bharti Airtel made use of Aadhaar-linked eKYC (electronic Know Your Customer) to open bank accounts for their customers without their knowledge or consent. eKYC is a way of using data in the UIDAI database as part of the verification process
04 Jan 2018
In January 2018, journalists found that, for 500 rupees (around $7USD), they were able to buy on WhatsApp access to a gateway that allowed them to access the personal details connected to any of the entries on the Aadhaar database - by entering any Aadhaar number, they could see details like the
11 Sep 2018
In September 2018, a software patch was found by journalists to be widely available, that disabled or weakened the security features in the software used to enroll people on the Aadhaar databse, potentially from anywhere in the world. The patch was reportedly widely-available in WhatsApp groups
04 Dec 2017
The French data protection regulator, the Commission Nationale de l'Informatique et des Libertés (CNIL), has issued a formal notice to Genesis Industries Limited, the maker of the connected toys My Friend Cayla and I-QUE. Genesis has two months to bring the toys into compliance with data protection
11 Apr 2016
In March 2016, a hacker group identifying itself as Anonymous Philippines defaced the website of the Philippine Commission on the Elections (Comelec), leaving a message that accused Comelec of not doing enough to secure the voting machines due to be used in the general election the following month
25 Sep 2015
In a 2015 study of 79 apps listed in NHS England's Health Apps Library, which tests programs to ensure they meet standards of clinical and data safety, researchers at Imperial College London discovered that 70 of them sent personal data to associated online services and 23 sent that data without
13 Oct 2015
In 2015, a data leak apparently linked to the new Uber partner app exposed the personal information of hundreds of drivers, including their Social Security numbers, scanned drivers' licences, tax forms, and other documents. The information was likely to have been available for at least a few hours
02 Dec 2016
For a period between the end of October and November 3 2016 the heating and hot water systems in two buildings in the city of Lappeenranta, Finland were knocked out by a distributed denial of service attack designed to make the systems fail. The systems responded by repeatedly rebooting the main
30 Aug 2018
The payday lender Wonga announced in April 2017 that a data breach at the company affected an estimated 270,000 customers, 245,000 of them in the UK and the rest in Poland. The company sent those it thought were affected messages warning that it believed there may have been illegal and unauthorised