Provident Fund Portal Hacked, 2.7 Crore People Face Data Theft

New Delhi: The personal and professional details of about 2.7 crore members registered with the retirement fund body Employees Provident Fund Organisation (EPFO) have been exposed to data theft.

In a letter to the Ministry of Electronics and Information Technology, the Central Provident Fund Commissioner has written that hackers have stolen data from the Aadhaar seeding portal of EPFO. He has also asked the ministry's technical team to plug vulnerabilities on the portal aadhaar.epfoservices.com that has now been temporarily shut.

Watch video

The portal links the Aadhaar number of employees with their provident fund accounts.

Also read on MSN: Aadhaar is still mandatory for new bank accounts

In the letter marked "secret", the commissioner wrote that the Intelligence Bureau (IB) had informed them of "hackers exploiting the vulnerabilities prevailing in the website (aadhaar.epfoservices.com) of EPFO."

Details of the scale of the breach are not known but the website contains information like the names and addresses of EPF subscribers besides their employment history.

"Each person contributes 12% of salary as provident fund, so salary details could also have been stolen. Also the bank account numbers as people tend to withdraw their PF," said cybersecurity expert Anand Venkatnarayan.

© Provided by NDTV 24x7 epf

A total of 114 government websites were hacked between April 2017 and January 2018, the Ministry of Electronics and IT told Lok Sabha in March.

On April 6, amidst reports that several websites including those of the ministries of defence, home and law had been hacked, the government had dismissed them as hardware problems.

Cyber security experts say monitoring is a big issue with government websites.

Also read on MSN: To claim final PF settlement, you have to be out of job for two months

"The reason why these breaches happen is that the government is always reactive instead of being proactive. We never take security measures in initial stages. There should be a proper bug reporting mechanism also so that we can report to the government and they can secure their database," said Kshitij Adlakha, CEO of Cybersecurity firm Secugenius.

"No confirmed data leakage has been established or observed so far. As part of the data security and protection, EPFO has taken advance action by closing the server and host service through CSC (Common Service Centre) pending vulnerability checks, EPFO said in a statement.

Watch video: How to check provident fund balance

(Video provided by NDTV)

The head of the Computer Emergency Response team of the Ministry of Electronics and IT, when contacted by NDTV, remained unavailable.

The body that governs Aadhaar, UIDAI, has clarified that it has nothing to do with the alleged data breach from aadhaar.epfoservices.com. "This matter does not pertain at all to any Aadhaar data breach from UIDAI servers. There is absolutely no breach into Aadhaar database of UIDAI. Aadhaar data remains safe and secure," it said.

STEPS: See your EPFO account and view your provident fund passbook online

See your EPFO account and view your provident fund passbook online, you need to follow these simple steps:



Step 1

Employees need to log in the member portal by visiting the EPFO website (unifiedportalmem.epfindia.gov.in/memberinterface/). You need to enter your 12 digit Activated UAN number and the password to view your account details. If you have not activated your UAN, you can also activate it by clicking on the tab below. Once you have entered the right credentials, it takes four days to activate your UAN.

Step 2

Once you have entered into the portal, you can find all kind of online services that are available on the EPFO website. From there you can track your queries related to claim status, transferring request, which is required in case your current employer has created another UAN number to track your PF account.

Step 3

You can see various tabs present on the dark green ribbon above. Clicking on the ‘view’ tab will take you to visit your profile, service history, UAN card and your passbook address. This passbook address is a separate website link where you can view your PF account.

Step 4

To view your PF passbook, you need to visit epfindia.gov.in website. This is a different website where you can view various other details related to EPFO. You need to go to the ‘our service’ tab and under our service tab, you need to click on the ‘for employees’ link. To view the EPF contributions done by your employer every month you need to then click on the ‘member passbook’ link.



Step 5

After clicking on the member passbook link, you will be redirected to a separate tab, where you need to re-enter your activated UAN and the same EPFO passwords which you used it for the EPFO member login portal.

Step 6

Once you have entered your credentials, you can visit your EPF passbook and view your PF contribution made by the company.

The government has come up with various other benefits where they are giving special benefits to employees who had to leave their current job due to some physical incapacitation. If you want to visit the office, you may even locate the nearest EPFO office through this EPFO website, you can also view the eligibility for making online claims and obtain lots more service facilities through this online portal.

One should also know that the accumulated amount is payable on retirement, resignation or death. You can also make partial withdrawals for financing life insurance policies, acquiring a house, wedding of self or dependents, child’s education planning or any treatment of illness etc.