GS3/GS2 Paper
Syllabus: Internal Security – Basics of cyber security
Source: TH
Context: American cybersecurity company Resecurity reported a breach of personal data of 815 million Indians, including Aadhaar numbers and passport details, being sold on the dark web. The data was claimed to be sourced from the Indian Council of Medical Research.
What are Personally Identifiable Information (PII)/ Personal Data?
Personally Identifiable Information (PII) is data that, alone or with other details, can identify an individual. It includes direct identifiers like passport info, Voter ID, PAN Card, etc. Data falls into two categories:
- Personal, related to individual traits
- Non-personal, aggregated data that doesn’t identify individuals.
Central Government Reply:
The IT Minister mentioned that CERT-In is investigating the data leak. UIDAI asserts that Aadhaar data is secure in CIDR, with no breaches in its history. Advanced security tech is used and regularly upgraded to address emerging threats.
Other instances of Data Breach:
Impact of Personal Data Breach:
| Impact | Examples |
| 1. Online Banking Theft | Unauthorized access to bank accounts |
| 2. Tax Fraud | Falsification of tax returns using stolen information |
| 3. Cyber-Enabled Financial Crimes | Illicit financial activities using compromised data |
| 4. Identity Theft | Creation of false identities for fraudulent purposes |
| 5. Privacy Invasion | Unauthorized access to personal information |
| 6. Targeted Phishing Attacks | Using stolen data for deceptive email campaigns |
| 7. Reputation Damage | Loss of trust due to misuse of personal information |
| 8. Psychological Impact | Emotional distress and anxiety for individuals |
| 9. Discrimination | Unfair treatment based on leaked sensitive information |
| 10. Financial Loss for Individuals | Scams and financial losses for the affected individuals |
Conclusion:
Safeguarding personal information is crucial to prevent these impacts and maintain trust in the digital landscape. Users are advised to check for leaks, be cautious with emails, change passwords, and use two-factor authentication to safeguard personal information. The breach poses risks of digital identity theft and cyber-enabled financial crimes.
Insta Links:
New draft digital data protection bill: How it compares with the older version and laws elsewhere
Mains Links:
The Digital Personal Data Protection Bill must ensure that individuals’ personal data is collected and processed in a manner that respects their privacy rights under Article 21 of the Indian constitution. Comment.
