Important professional and personal details of around 2.7 crore members registered with the Employees Provident Fund Organisation (EPFO) have been exposed to data theft, according to sources.
Hackers have stolen data from the Aadhaar seeding portal of EPFO, stated the Central Provident Fund Commissioner a letter to the Electronics and Information Technology Ministry. He has informed the technical team of the site aadhaar.epfoservices.com that has now been temporarily shut.
The site links the Aadhaar number of employees with the PF accounts.
In a ‘secret’ letter, the commissioner wrote that the Intelligence Bureau (IB) had in advance informed them of ‘hackers exploiting the vulnerabilities prevailing in the website (aadhaar.epfoservices.com) of EPFO."
The details regarding the breach are yet unknown but the website had details like the name and address details of EPF subscribers besides their employment history.
"Each person contributes 12% of salary as provident fund, so salary details could also have been stolen. Also the bank account numbers as people tend to withdraw their PF," said cyber security expert Anand Venkatnarayan.