This incident underscores the critical importance of website security testing and proactive threat detection measures.”

— Anshu Bansal, CEO of CloudDefense.AI

PALO ALTO, CALIFORNIA, USA, January 30, 2024 / — The Rajasthan state government has successfully addressed security vulnerabilities on its Jan Aadhaar website, thanks to the diligent efforts of security researcher Viktor Markopoulos from CloudDefense.AI. The website, designed to provide a unique identifier for Rajasthan residents to access welfare schemes, was found to have exposed sensitive documents and personal information of millions of citizens.

Markopoulos discovered critical flaws in the website’s security, including the exposure of Aadhaar cards, birth certificates, marriage certificates, electricity bills, and income statements, along with personal information such as date of birth, gender, and father’s name. These vulnerabilities posed a significant risk to the privacy and security of the citizens.

The Jan Aadhaar portal, launched in 2019, serves over 78 million individual registrants and data of 20 million families in Rajasthan. It aims to offer a unified identity unique to the state, distinct from the nationwide Aadhaar card issued by the UIDAI.

Markopoulos played a pivotal role in uncovering and reporting the security bugs, including unauthorized access via registrants’ phone numbers and improper verification of one-time passwords. Upon notification by TechCrunch, the Indian Computer Emergency Response Team (CERT-In) promptly intervened and remediated the security issues. Read the full article from here.

About CloudDefense.AI:
CloudDefense.AI, headquartered in Palo Alto, is a complete Cloud-Native Application Protection Platform (CNAPP) that secures the entire cloud infrastructure and applications. Considering the evolving threat landscape, they blend expertise and technology seamlessly, positioning themselves as the go-to solution for remediating security risks from code to cloud.

Experience the ultimate protection with their comprehensive suite that covers every facet of your cloud security needs, from code to cloud to cloud reconnaissance. Their catered-for cloud offering includes SAST, DAST, SCA, IaC Analysis, Advanced API Security, Container Security, CSPM, CWPP, CIEM, CDR, to the exclusive HackerView™ technology – CloudDefense.AI ensures airtight security at every level.

Going above and beyond, their innovative solution actively tackles zero-day threats and effectively reduces vulnerability noise by strategically applying various modern techniques. This unique approach delivers up to five times more value than other security tools, establishing them as comprehensive and proactive digital defense pioneers.

If you want to learn more about CloudDefense.AI and explore one of the best CNAPPs in the industry, please book a free demo with us or connect with us here

Emily Thompson
Visit us on social media: