SFLC.in writes to CERT.In and Government of Tamil Nadu on Public Distribution System Data Breach

Recently, it was reported that the Tamil Nadu’s Public Distribution System database was breached. The breach led to leaking of personal details including addresses of approximately 65 million people. This includes their Aadhaar details, makka number, contact details,  addresses. 

SFLC.in wrote to CERT.In, nodal agency of Government of India to respond to cyber security incidents, and the Government of Tamil Nadu requesting them to conduct security audits to respond to the data breaches. Section 70B of the Information Technology Act empowers CERT-In to conduct security audits and respond to data breaches. Rule 8 of the CERT-In Rules requires it to respond to cyber security incidents. Rule 9 of the CERT-In Rules requires it to analyse such incidents.

The Government of Tamil Nadu is the repository of the data. Therefore, SFLC.in has requested the Government of Tamil Nadu to kindly conduct a security audit of the software and hardware involved in the data breach and to update citizens and PDS beneficiaries on what has transpired with the data breach.

You can read our letter(s) here:

We would like to thank Srikanth for bringing the data breach to our notice.