A French vigilante hacker, who identifies himself as Elliot Alderson, has amde a stunning claim over the piracy breach committed by the government-owned Aarogya Setu Mobile App. Alderson took to Twitter to allege that the ‘privacy of 90 million Indians is at stake.’
Alderson wrote on Twitter, “Hi @SetuAarogya, A security issue has been found in your app. The privacy of 90 million Indians is at stake. Can you contact me in private? Regards, PS: @RahulGandhi was right.”
Hi @SetuAarogya,
A security issue has been found in your app. The privacy of 90 million Indians is at stake. Can you contact me in private?
Regards,
PS: @RahulGandhi was right
— Elliot Alderson (@fs0c131y) May 5, 2020
Alderson wrote in his subsequent tweet, “To be super clear: I’m waiting a fix from their side before disclosing publicly the issue. Putting the medical data of 90 million Indians is not an option. I have a very limited patience, so after a reasonable deadline, I will disclose it, fixed or not.”
To be super clear:
– I’m waiting a fix from their side before disclosing publicly the issue. Putting the medical data of 90 million Indians is not an option.
– I have a very limited patience, so after a reasonable deadline, I will disclose it, fixed or not.— Elliot Alderson (@fs0c131y) May 5, 2020
Congress MP Rahul Gandhi has termed Aarogya Setu Mobile App ‘a sophisticated surveillance system’ outsourced to a private company. Rahul had recently atatcked the government by saying, “The Arogya Setu app, is a sophisticated surveillance system, outsourced to a pvt operator, with no institutional oversight – raising serious data security & privacy concerns. Technology can help keep us safe; but fear must not be leveraged to track citizens without their consent.”
Reacting to Rahul’s criticism, IT Minister Ravi Shankar Prasad had replied, “Daily a new lie. Aarogya Setu is a powerful companion which protects people. It has a robust data security architecture. Those who indulged in surveillance all their lives, won’t know how tech can be leveraged for good!”
Daily a new lie.
Aarogya Setu is a powerful companion which protects people. It has a robust data security architecture.
Those who indulged in surveillance all their lives, won’t know how tech can be leveraged for good! https://t.co/t8ThXmddcS— Ravi Shankar Prasad (@rsprasad) May 2, 2020
In some parts of the country, the downloading of the mobile app has been made mandatory. In BJP-ruled Uttar Pradesh’s Noida, the authorities have said that those living in Noida and Greater Noida will be fined or jailed if they did not have the contact tracing app on their smartphones.
The official Twitter handle of the Aarogya Setu App reacted to Alderson’s claims with point-by-point rebuttal stating that there was no privacy breach. Alderson said that he was not satisfied with the clarification and will return ‘tomorrow.’
Statement from Team #AarogyaSetu on data security of the App. pic.twitter.com/JS9ow82Hom
— Aarogya Setu (@SetuAarogya) May 5, 2020
In 2018, Alderson had made a series of claims ‘exposing‘ the flaws in Aadhar.