Bengaluru’s City Crime Police have arrested a software development engineer for allegedly stealing data of Aadhar card holders by illegally accessing the Unique Identification Authority of India (UIDAI) server.
On Tuesday, the CCB arrested 31-year-old Abhinav Srivastava, a graduate from IIT-Kharagpur. Abhinav, who is from Uttar Pradesh’s Kanpur, and residing in Yeshvanthpur was employed with Ola in Bengaluru. Ola has stated that it had never commissioned or was involved in such activity.
According to the CCB police, Abhinav had developed a mobile application named Aadhaar e-KYC verification for public download. As per the complaint, "Aadhar related information, which is legally housed by the NIC server was illegally and unauthorised accessed and used to support this mobile application."
“He had tapped into the server in January and had downloaded data of 50,000 people. He had earned about Rs 40,000 in advertisement revenue through this application. There is suspicion that he has developed several other apps so far and he earned Rs 40,000 from advertisements,” the police added.
According to a press release by the Bengaluru City Police, “By using this e-KYC Verification mobile application, the accused unathorizedly accessed to UIDAI Data though ‘e-Hospital’ application and its server. He made available Aadhaar related information through this mobileapp developed by him.”
While the complaint had alleged that Abhinav worked with Qarth Technologies, a subsidiary of Ola, police enquiries revealed that he worked at the Ola head office in Koramangala.
The press note states that Abhinav Srivastava had launched Qarth Technologies in 2012, which was shut down in 2015. He went on to work as a software developer in a company named Glow Prime before joining Ola as a software development engineer in 2016.
The police have seized one CPU, four laptops, one tablet, four mobile phones, six pen drives and materials worth Rs 2.25 lakh.
Abhinav was produced before the court and kept in police custody for further questioning.
The High Grounds police registered the FIR after Ashok Lenin, Deputy Director, UIDAI Regional Office, Bengaluru filed a complaint on July 26.
An FIR was registered under sections 37 and 38 of Aadhaar Act 2016, sections 65 and 66 of IT Act of 2000, and sections 120 B, 468 and 271 of the Indian Penal Code. The case was transferred to the CCB on July 27.
“Qarth workers have developed an app and accessed details on Aadhaar website without authentication and provided the same as e-KYC details. The data theft started on January 1 and went on till July 26. The accused has joined hands with miscreants in leaking the Aadhaar information and illegally using the same,” Lenin had said in his complaint.