GIFT a SubscriptionGift
HamberMenu
  1. Cricket
  2. Data
  3. Health
  4. Opinion
  5. SEARCH Icon
  1. Cricket
  2. Data
  3. Health
  4. Opinion
  5. SEARCH Icon

To enjoy additional benefits

GIFT a SubscriptionGift
ShowcaseCrossword+

CONNECT WITH US

year
Click here for our in-depth coverage of Lok Sabha and Assembly elections #ElectionsWithTheHindu

Confidential data stands exposed on GHMC website

At a click of the mouse, birth and death enquiry links will reveal the status of allapplications with residential address, place of birth or death and name

January 01, 2016 12:00 am | Updated September 22, 2016 08:57 pm IST - HYDERABAD:

Staff Reporter

It is a free for all on Greater Hyderabad Municipal Corporation’s portal when it comes to data about births or deaths. Thanks to its sloppy security, confidential records of several thousands, alive and dead, stand exposed on the municipal body’s website.

At a click of the mouse, birth and death enquiry links can reveal the status of all applications with residential address, place of birth or death and name. Details of over 250 application requests are now available across all the 18 circles of GHMC! If one chooses to search, it is possible to obtain details of all births or deaths for any time duration.

The search can be performed by just entering a search period, gender and a circle.

For instance, searching in Secunderabad (circle 18) for births from December 1 through December 29, 2015 reveals birth of 16 boys and 11 girls, with names of father, mother, place of birth, date of birth and in some cases, the child’s name too. Through the search, it can be seen that the GHMC’s digital database extends back to 1930s. GHMC is not the only municipality with a website that leaks data. Chennai Municipal Corporation recently made headlines for letting anybody search and download birth certificates. Given that 50 gigabytes of data including data on taxes, births, deaths and planning sits on GHMC’s servers, data security experts expressed shock over the leak.

‘Impersonation can be done easily’

“Absence of a security database is serious. Using data of birth and death, it is possible to impersonate another person or at least gain a foothold to start doing it,” said Shantiswaroop, of Uurmi Systems, who works in the field of cyber security, even as he called for rigorous data security measures when dealing with public information.

Gross negligence

Hyderabad-based cyber security consultant Vikas Jain, who looked at the website, blamed gross negligence and disregard for security for the flaws. “By simply limiting queries, it is possible to safeguard the database. It is a fix that is not difficult to implement,” he said.

GHMC’s Additional Commissioner, IT, K. Surendra Mohan could not be contacted for comments, despite repeated efforts.

Top News Today

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.