While Srikrishna Committee yet to submit its report on data privacy and protection, another incident of a massive data breach has come to light.
This time students have become preys. Around 2.4 lakh students phone numbers, email IDs and addresses, who took the National Eligibility and Entrance Test (NEET) in 2018, were made available online.
According to The Wire report, every applicant data was made available online at the cost of around Rs 1. Entrackr checked the website in question, Neetdata.com, which has now been suspended.
When logged in, the website had a statement proposing the sale of data.
“Many consultants across India trust us for their database needs. Our database prices will be on the higher prices, no doubt. But YES, because of that reason, limited clients will have access to our database and that gives scope to have good conversions,” quoted the report.
Anyone can have access to data that included a complete picture of applicants, name, their NEET score, ranking, complete address, date of birth, mobile number and email ID, after payment.
NEET in a medical entrance exam for MBBS and BDS (dental courses) for admission into various private and government colleges India. The Central Board for Secondary Education (CBSE) conducts the exam every year.
As per law, Section 43A holds the bodies which stores and manages data liable in case of “negligence in implementing and maintaining reasonable security practices.” Section 72A has punishment provision for bodies for disclosure of personal data without consent.
This is not the first such incident in the country. In July last year, Reliance Jio users’ data had been leaked by a website called magicapk.com. The site threw up data such as first and last name, email id, mobile number, date of SIM card activation and which circle it was activated from.
In January, The Tribune report “Rs 500, 10 minutes, and you have access to billion Aadhaar details” had claimed that details of Aadhaar database are easily available, at the payment of a mere Rs 500.
Meanwhile, India is still awaiting the Justice Srikrishna Committee report on data privacy and security, which is supposed to be submitted this month.
