A breach of the Unique Identification Authority of India's Aadhaar biometric system is putting personally identifiable information (PII) of more than 1 billion Indian residents at risk, reports the Tribune, an Indian publication.
Attackers created a gateway to the biometric database, in which any Aadhaar user's ID number can be entered into a portal, the Tribune reports. Once the number is entered, it will pull up the resident's name, address, postal code, photo, phone number, and email address, according to the Tribune.
Cyberthieves are selling access to the portal for 500 rupees and are charging an additional 300 rupees for software that allows a victim's Aadhaar card to be printed, according to the report.
The Unique Identification Authority of India denies its Aadhaar database has been breached, the Tribune reports, but notes that Tribune reporters were able to make Aadhaar data purchases as part of its investigation.
Read more about Aadhaar here.