Bengaluru police arrest Ola engineer for illegally accessing Aadhaar data

Bengaluru police arrest Ola engineer for illegally accessing Aadhaar data

Bengaluru police arrest Ola engineer for illegally accessing Aadhaar data

In yet another shocking breach of privacy, a software engineer has been arrested for allegedly hacking into personal details of over 40,000 Aadhaar cardholders to develop an unauthorized mobile app.

Born in Kanpur, Uttar Pradesh, Abhinav has an Integrated Master's degree in Industrial Chemistry from IIT-Kharagpur.

The complaint was filed at the High Ground Police Station on July 26 and it was later transferred to Cyber Crime police. Intriguingly, Quarth Technologies, a company previously started by Srivastava with a friend, was acquired by Ola, the taxi-hailing service, in 2016.

An FIR has been registered under sections 37 and 38 of Aadhaar Act 2016, sections 65 and 66 of IT Act of 2000, and sections 120 B, 468 and 271 of the Indian Penal Code. The 31-year-old MSc graduate from IIT-Kharagpur is the founder of Qarth, worked at Ola in the position of "Hacker at Ola Connected Car Platform", as per his LinkedIn Profile. The centre enjoys access to UIDAI data as it is an AUA. "I had developed an Aadhaar e-KYC verification app and put it on Google Play Store".

The complaint received by the police stated that Srivastava had accessed UIDAI data without authorisation between January 1 and July 26 for an app called "eKYC Verification", reported Indian Express.

As per reports, the data theft was perpetrated by hacking into a government-run e-hospital server.

Meanwhile, police officials who are probing the case are looking the technical details on how the accused Abhinav Srivasatav got the required access to provide e-KYC, and how the database did not display the name of the KYC agency calling the server to provide Aadhaar verification and others. The app was released in January this year, and by the time the leak was detected, about 50,000 people had downloaded the app on their cellphones, it is said. Srivastav had earned about Rs 40,000 in advertisement revenue through this application, reports IBTimes.

Pandey reiterated that Aadhaar data is completely safe and secure and requested people not to disclose their Aadhaar number to any unauthorized or unknown websites or Apps or persons on phone. Even as he claimed that he did not steal any information but only gave access to a server, using Aadhaar data without prior permission from the UIDAI is a violation of the Aadhaar law. Apart from Aadhar-eKYC, he has created five other mobile applications.

Related news