Don’t Shoot the Messenger Who Broke Aadhaar Database Breach Story 

Instead of being lauded for bringing a breach to everyone’s notice, The Tribune’s reporter was rewarded with an FIR.

News Videos
2 min read

There is a saying, ‘Don’t shoot the messenger’ which implies that do not target the person giving any information.

Do you know where this adage comes from?

An unwritten, unsaid rule was observed during wars that no one should harm emissaries who bought messages from the enemy, no matter what the message was.

However, the UIDAI, the body that manages all the work related to Aadhaar is doing completely the opposite.

Rachna Khaira’s investigative report.
(Photo: The Tribune)

FIR Against The Reporter

An FIR was lodged against The Tribune’s reporter Rachna Khaira by the UIDAI for her investigative report pointing out loopholes in the Aadhaar portal.

The FIR was lodged on account of unauthorised access. The UIDAI argued that they were no breaches in the biometric database and they were not targeting the reporter for exposing the flaws.

After the government drew flak for the FIR, Law and IT minister Ravi Shankar Prasad said that the FIR was registered against unknown persons. However that does not seem to be the case.

What Was Rachana Khaira’s Fault?

The fact that she contacted a Whatsapp group that used to breach the Aadhaar database? Through the group she got in touch with three people.

She made a payment of Rs 500 and found a gateway to the database of 100 crore people.

For another Rs 300, she got access to print the Aadhaar card. So, all the personal data of 100 crore people was up for sale, for just Rs 800.


How Was the Security Breach Possible?

We call ourselves the IT superpower, then how did this portal that handles personal data of millions of people witness such a severe lapse?

Instead of being lauded for bringing it to everyone’s notice, the reporter was rewarded with an FIR filed under the Aadhaar Act, IPC and the IT Act.

Lessons to Be Learnt

If they want, the UIDAI can learn many lessons from tech companies across the world.

What do Facebook, Google or Microsoft do when someone draws their attention towards any kind of breach or fault in their portals?

They are known to invite people to point out problems and give rewards in return.

In 2013, Anand Prakash from Bengaluru was awarded Rs 10 lakh by Facebook for reporting a bug on their site.

Similarly, there are many youngsters who report such issues to companies and earn a lot of money and fame in return, in some cases they even get job offers.

We can't expect all this from the UIDAI, but we can at least appeal them to view such a matter as a lesson rather than an offence. No matter how crippling the message is, you do not kill the messenger. It is till date an unsaid and unwritten rule which demands adherence.

Camera Person: Abhay Sharma

Producer: Prabuddha Jain

Anchor: Neeraj Gupta

Video Editor: Purnendu Pritam & Ashutosh Bhardwaj

(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)

Speaking truth to power requires allies like you.
Become a Quint Insider

or more


3 months
12 months
12 months
Check Insider Benefits
Stay Updated

Subscribe To Our Daily Newsletter And Get News Delivered Straight To Your Inbox.

Join over 120,000 subscribers!