Pradhan Mantri Kisan Samman Nidhi is an initiative of the Government of India which offers minimum basic income to all the farmers of the country. The payment of benefits under this scheme is done annually and farmers get up to Rs 6,000 every year as minimum income support from the government. Now, security researchers have said that a part of the website of the initiative was returning farmers’ Aadhaar numbers. “PM Kisan website offers a dashboard facility to view different charts and data. An endpoint in the dashboard was leaking Aadhaar numbers of all farmers on area (state, district, village) basis,” he wrote in a blog post.
According to Nair, the bug could enable hackers to collect all the data related to farmers in the scheme, leaking personal data of lakhs of farmers online by writing a basic script. As of now, more than 11 crore farmers are registered on the platform on the Pradhan Mantri Kisan Samman Nidhi website. This means that the attackers could easily access the personal data of more than 110 million farmers.
This is not new, this one has already been seen. Nair said in his blog post that he first discovered the bug in January this year after which he reported it to India’s Computer Emergency Response Team or Cert-In. The bug was finally fixed last month. However, it is to be noted that this is not the first time that Aadhaar details of Indian citizens have been leaked online.