The Union government on Thursday issued blocking orders for some websites found exposing sensitive personal identifiable information of users online, including Aadhaar and PAN card details.
The Ministry of Electronics and IT in a statement over the issue said that the issue was taken up seriously as the “Government accords highest priority to safe cyber security practices and protection of personal data.”
Click here to connect with us on WhatsApp
In line with this, prompt action has been taken to block these websites, said the Ministry.
The action came after some internet users took to social media and said that a simple internet search about Aadhaar details, was exposing personally identifiable information (PII) of several Indians from certain websites.
According to reports, websites such as starkidz.com, indianaerospaceandengineering.com, and asianbariatrics.com were some domains that were leaking the data, which could be accessed through a simple google search.
“The analysis of these websites by the Indian Computer Emergency Response Team (CERT-In) has shown some security flaws in these websites. The concerned website owners have been provided guidance about the actions to be taken at their end for hardening the ICT infrastructures and fixing the vulnerabilities,” said an official statement from the IT Ministry.
Recently, the breach at Star Health and Allied Insurance led to leakage of sensitive information of about 31 million customers, reportedly amounting to 7.24 terabytes, which was being offered on sale through messaging platform Telegram.
“The Digital Personal Data Protection Act, 2023 has already been enacted and the Rules under this Act are in the advanced stage of drafting. With the aim of sensitising the government, the industry and the citizens about its impact, an awareness programme has also been initiated,” the statement further read.
Cert-In, the nodal agency for cybersecurity under MeitY has in the past issued “Guidelines for Secure Application Design, Development, Implementation & Operations” for all entities using IT applications.
The body has also given directions under the Information Technology Act, 2000, (IT Act) relating to information security practices, procedure, prevention, response and reporting of cyber incidents, said the Ministry.
First Published: Sep 26 2024 | 11:40 PM IST