 "Aadhaar")
The Centre on Wednesday told Parliament that there has been no breach of Aadhaar cardholders’ data from the database of the Unique Identification Authority of India (UIDAI) till date.
In a written reply to the Lok Sabha, Union Minister of State for Electronics and Information Technology Jitin Prasada said no incident of data compromise involving the core UIDAI database had been reported so far.
“Aadhaar is the world’s largest biometric identity system, with around 1.34 billion live Aadhaar holders. It has completed more than 160 billion authentication transactions,” the minister said.
He added that UIDAI, the statutory authority responsible for issuing Aadhaar numbers, has put in place robust and comprehensive safeguards to protect the personal data of Aadhaar number holders.
Security measures to protect Aadhaar data
Detailing the safeguards, the minister said UIDAI follows a multi-layered security architecture based on the principle of defence-in-depth. The systems are regularly reviewed and audited to ensure continued protection against evolving cyber threats.
Also Read
 "Anil Agarwal, Vedanta")
 "Car sales")
 "Warner Bros. Studios in Burbank, California.")
 "Pakistan extends airspace ban on India")
 "Purchasing Health Insurance")
The Aadhaar ecosystem uses advanced encryption technologies to secure data both during transmission and storage.
“UIDAI’s Information Security Management System is certified under ISO 27001:2022 by the Standardisation Testing and Quality Certification (STQC) Directorate. It also holds ISO/IEC 27701:2019 certification for privacy information management,” he said.
Prasada said UIDAI has been declared a protected system, with the National Critical Information Infrastructure Protection Centre (NCIIPC) providing continuous security advisories to strengthen its cybersecurity posture.
“An independent audit agency is engaged for the creation of the Governance, Risk, and Compliance and Performance (GRCP) framework for the Aadhaar ecosystem and oversight for adherence to the same. It continuously conducts cybersecurity audits of UIDAI applications, including Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST),” he said.
Past concerns, official position unchanged
Concerns over alleged Aadhaar data breaches have surfaced previously in the public domain, largely centred on the risk of identity theft and fraud if personal information were to be exposed through vulnerabilities in the wider ecosystem.
However, the government has consistently maintained that there has been no breach of the core UIDAI database.
 "SC, Supreme Court")
 "Nitin Gadkari, Nitin, Gadkari")
 "Bhupender Yadav, Union Minister of Environment, Forest, and Climate Change")
 "Shashi Tharoor, Shashi, Tharoor")
 "Manjinder Singh Sirsa")
