Aadhaar operators in Rajasthan and Bihar have revealed an alarming cyber fraud that has been unravelled by the Economic Offences Unit (EDU) of Bihar. This was initiated with the arrest of three cyber fraudsters in Madhepura, after which authorities unravelled an interstate racket continuing with over 40 Aadhaar operators. This has caused some major questions regarding the abuse of sensitive information and the safety of the identity systems in the nation.
The investigators state that the gang was functioning under the pretence of Common Service Centres (CSCs) that are designed to offer basic services to citizens. Among the key suspects, whose name is Rampravesh, is suspected of organizing the operation by establishing close to 39 fake websites to store and misuse Aadhaar data. These were websites under the banners of such sites as UCL Aadhaar Portal and Aayushman Site, which were intelligently designed to appear authentic. Each site was administered by a separate administrator, yet they were all managed with the help of dashboards that connected with the CSC of Rampravesh.
As it has been discovered, these fraudsters were not only developing a false portal but also employing advanced methods to circumvent security. The use of silicone moulds of actual Aadhaar operators made fake fingerprints, which enabled the gang to violate operator credentials. Remote access programs such as AnyDesk were used to compromise Aadhaar enrolment and update software, and allow unauthorized alterations to identity records. The involvement of more than 40 Aadhaar operators in Rajasthan also came into focus when the IDs and biometrics of these operators were discovered to have been used in these scams, and this begs the question whether their collusion was intentional or whether their security measures had vulnerable points that were compromised.
The scheme was run on a large scale, as the accused even sold a ticket to such bogus Aadhaar portals to other criminals to gain a profit. This made it easy to abuse individual information, and there was a possibility of identity theft, counterfeiting documents and fraudulent deals in various states. To determine the extent of the conspiracy, the EOU has already requested information from the Unique Identification Authority of India (UIDAI) with regard to these operators.
The result has created earthquakes within law-enforcing bodies because it gives an indication of structural weaknesses within the Aadhaar ecosystem. As Aadhaar is the cornerstone of banking, welfare, and telecom services, there is a direct threat to the safety of citizens when operator credentials are abused in this manner. The EOU has also established that it is in the process of conducting additional investigation to ensure that the money trail is followed to the end, all the accomplices are caught and that everyone who is caught is dealt with. The case has brought to the fore again the broader concern of the need to have tougher oversight, stricter regulation and better cybersecurity enforcement in services pertaining to Aadhaar.
