Gemalto issues public apology for Aadhaar data breach report


NEW DELHI, Oct 27: Digital security firm Gemalto Saturday issued a public apology in national newspapers for its report which claimed a breach in the Aadhaar database.
The company withdrew its report which claimed that data breach incidences in India were the second highest globally in the first half of 2018 on account of a compromise in the Aadhaar database.
The company said it is issuing the public notice to clear the misperceptions against the country’s unique identity number project.
“Gemalto published an inaccurate Breach Level Index report and press release that included a news article about an alleged and unverifed Aadhaar data breach,” said the notice, titled ‘Gemalto apology to the People of India’.
“I, Philippe Vallee, as CEO of Gemalto, extend my sincerest apologies on the grave error on our part for the publication of this erroneous report and press release,” it added.
The company is learnt to have issued the apology in all editions of five national dailies.
“We never intended to malign Aadhaar, India’s prestigious identity mission project, by unknowingly committing the mistake. We are launching an internal investigation and will take additional appropriate action internally,” Vallee said.
In addition to publishing and correcting the facts in the Breach Level Index report on its website, Gemalto said it is placing this advertisement as part of the company’s effort to ensure that authentic and accurate information reaches out to the public.
The cyber security firm, in the report released on October 15, had claimed that over 1 billion records were compromised in the Aadhaar breach incident, including name, address and other personally identified information.
In the report, Gemalto claimed that there were 945 data breaches which led to 4.5 billion data records being compromised worldwide in the first half of 2018. Of this, over 1 billion data records were exposed in India.
“Gemalto is deeply regretful for releasing this unverified information in this report and failing to conduct sufficient due diligence prior to publishing the information. We are taking the opportunity to revisit the methodology behind this report and introduce more stringent criteria and validation of entries,” the notice said.
The company issued a correction, saying that there were 944 data breaches that led to 3.2 billion data records being compromised worldwide in the first half of 2018.
“… As an organisation providing cybersecurity expertise and solutions, we have not been able to find any evidence of any Aadhaar data being breached. Any inconvenience caused to the people of India by our action is deeply regretted,” the notice said. (PTI)