Hacker Targets Default Aarogya Application, Government Junks Claim

NEW DELHI: The ethical hacker tweeted on Tuesday that the privacy of 90 million Indians was at stake as there is a security flaw in India's contact tracking app, Aarogya Setu. However, a senior government official dismissed their claims. There is no security breach either. It is not a problem, ”he said.

Alderson had posted from his identifier @ fs0c131 and around 8.40 p.m., “Hello @SetuAarogya, a security issue has been found in your application. The privacy of 90 million Indians is at stake. Can you contact me in private? About 50 minutes later, he tweeted again: “@ India nCERT and @NICMeity contacted me. The problem has been revealed to them.

Alderson had finished his first tweet saying: PD: @Rahul Gandhi was right. He was referring to the Congressional leader's post on May 2 where he described Aarogya Setu as a sophisticated surveillance system, outsourced to a private operator. His allegations had been countered by at least two union ministers: and Prakash Javadekar .

Reacting to Alderson, another senior official said, “The app is not a surveillance tool. Rather, it is a tool that can save lives. You are fighting a relentless virus. So don't be confused or distracted.

We trust that there is no security breach. The application has been subjected to the strictest security controls. We are always looking for suggestions to further strengthen it. Our team handles several of those suggestions every day. There are regular controls, added the official. said.

He also said the product team will soon post a tweet to make it clear that there is no data breach or security breach in the app.

Alderson had leaked thousands of Aadhaar details online in March 2018 to draw attention to its security flaws to officials. He had tagged the official ID of the, providing details of the gaps in the database.