EPFO services vulnerabilities exploited by hackers giving them access to employee PF data

Aadhaar related problems refuse to die down it seems. In a shocking revelation, it has been reported that Employees’ Provident Fund Organisation (EPFO) data has been allegedly stolen by hackers who have exploited vulnerabilities in the website aadhaar.epfoservices.com.

The hack was discovered by Twitter users @raydeep and @arvindgunasekar, who tweeted out photos of a  letter titled ‘Secret’ which was addressed to Dinesh Tyagi, CEO Common Service Centre (CSC).

The letter, written out by  Central Provident Fund Commissioner Dr VP Joy, specified of the data theft from the ‘ICT Infrastructure of Aadhaar Seeding Service for Employees by exploiting the vulnerabilities in the website aadhaar.epfoservices.com’.

The letter explained that the vulnerabilities were classified as ‘Strut Vulnerability’, and ‘Backdoor Shells’. For the time being CSC has been asked to deploy its  Techincal Team in order to ‘plug in the identified as well as other vulnerabilities in the aadhaar.epfoservices.com website”.

The Intelligence Bureau has been tasked with securing this confidential data and run a thorough audit and assessment of the system, as per the letter. However, the authenticity of this letter is still to be verified.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Do NOT follow this link or you will be banned from the site!
error: Unauthorized Content Copy Is Not Allowed
%d bloggers like this: