NEW DELHI: The IT Ministry has come down heavily on websites exposing sensitive personal identifiable information of citizens, including their Aadhaar and PAN Card details, and has ordered them to be blocked.
Sources said the websites/URLs ordered blocked include https://www.asianbariatrics.com/uploads/, https://thestarkidz.com/cp/img/dob_proof_imgae/, and https://indianaerospaceandengineering.com/media/student/aadharcard/ There was, however, no official confirmation of the same.
The step comes days after the Star Health hacking episode where data of 31 million citizens is feared to have been compromised.
In an official statement, the IT Ministry said the govt is committed to having an open, safe, trusted and accountable internet. “It has come to notice… that some websites were exposing sensitive personal identifiable information, including Aadhaar and PAN Card details, of citizens. This has been taken up seriously as the govt accords highest priority to safe cyber security practices and protection of personal data. In line with this, prompt action has been taken to block these websites.”
The statement also said that the Unique Identification Authority of India (UIDAI) has lodged a police complaint for violation of the prohibition under section 29(4) of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 on public display of Aadhaar information.
“The analysis of these websites by the Indian Computer Emergency Response Team ( CERT-In ) has shown some security flaws in these websites. The concerned websites owners have been provided guidance about the actions to be taken at their end for hardening the ICT infrastructures and fixing the vulnerabilities,” the IT Ministry said.
The country’s cyber watchdog CERT-In has already issued “Guidelines for Secure Application Design, Development, Implementation & Operations” for all entities using IT applications. It has also given directions under the IT Act, 2000, relating to information security practices, procedure, prevention, response and reporting of cyber incidents.
The statement said that the IT Ministry has notified the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, which provide for non-publication and non-disclosure of sensitive personal data. “Any adversely affected party can approach the Adjudicating Officer under Section 46 of the IT Act for filing a complaint and seeking compensation. The IT Secretaries of the States are empowered as Adjudicating Officers under the IT Act.”
Further, the Digital Personal Data Protection Act, 2023, has already been enacted and the Rules under this Act are in the advanced stage of drafting.
Sources said the websites/URLs ordered blocked include https://www.asianbariatrics.com/uploads/, https://thestarkidz.com/cp/img/dob_proof_imgae/, and https://indianaerospaceandengineering.com/media/student/aadharcard/ There was, however, no official confirmation of the same.
The step comes days after the Star Health hacking episode where data of 31 million citizens is feared to have been compromised.
In an official statement, the IT Ministry said the govt is committed to having an open, safe, trusted and accountable internet. “It has come to notice… that some websites were exposing sensitive personal identifiable information, including Aadhaar and PAN Card details, of citizens. This has been taken up seriously as the govt accords highest priority to safe cyber security practices and protection of personal data. In line with this, prompt action has been taken to block these websites.”
The statement also said that the Unique Identification Authority of India (UIDAI) has lodged a police complaint for violation of the prohibition under section 29(4) of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 on public display of Aadhaar information.
“The analysis of these websites by the Indian Computer Emergency Response Team ( CERT-In ) has shown some security flaws in these websites. The concerned websites owners have been provided guidance about the actions to be taken at their end for hardening the ICT infrastructures and fixing the vulnerabilities,” the IT Ministry said.
The country’s cyber watchdog CERT-In has already issued “Guidelines for Secure Application Design, Development, Implementation & Operations” for all entities using IT applications. It has also given directions under the IT Act, 2000, relating to information security practices, procedure, prevention, response and reporting of cyber incidents.
The statement said that the IT Ministry has notified the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, which provide for non-publication and non-disclosure of sensitive personal data. “Any adversely affected party can approach the Adjudicating Officer under Section 46 of the IT Act for filing a complaint and seeking compensation. The IT Secretaries of the States are empowered as Adjudicating Officers under the IT Act.”
Further, the Digital Personal Data Protection Act, 2023, has already been enacted and the Rules under this Act are in the advanced stage of drafting.
You may also like
Navi Mumbai: 2 Arrested In Koparkhairane For 10 House-Breaking Cases; ₹14 Lakh In Stolen Valuables Recovered From Accused
Ally McCoist erupts with rage during Rangers win over Malmo - 'Absolutely baffles me'
Princess Kate's brother James Middleton offers three-word health update as chemo ends
Shootout in Mexico: 11 armed attackers killed in police confrontation
