Aadhaar numbers and related information. The exposure of such sensitive data has raised serious concerns about the security of citizens' personal details, prompting immediate steps to prevent further leaks.The Indian Computer Emergency Response Team (CERT-In) carried out an investigation and found several security vulnerabilities within these websites.
As a result, the website owners were provided with detailed instructions on how to fix these security issues and strengthen their information and communication technology (ICT) infrastructures.CERT-In also issued comprehensive guidelines for the design, development, implementation, and operation of secure IT applications, which all organizations handling sensitive data are expected to follow.In addition to these efforts, CERT-In has also issued directives under the Information Technology (IT) Act, 2000. These directions outline security practices, procedures for preventing cyber incidents, and reporting requirements for organizations that experience data breaches.MeitY has also emphasized the importance of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
These rules strictly mandate that sensitive personal data must not be disclosed publicly or shared without authorization. Individuals who believe their data has been compromised can file complaints with Adjudicating Officers, who are IT Secretaries appointed by the states.
These officers have the authority to impose penalties and award compensation to affected parties under Section 46 of the IT Act.Meanwhile, the Digital Personal Data Protection Act, 2023, has been introduced to further strengthen the protection of personal data in India. The
. Read more on livemint.com