NEW DELHI — Tech news site ZDNet said on Sunday it stood by its report that identified a security vulnerability in data-linked to Aadhaar — India鈥檚 national identity card project, after a semi-government agency that manages the database sought to discredit the report.

ZDNet reported that a data leak on a system run by a state-owned utility company could allow access to private information of holders of the biometric 鈥淎adhaar鈥 ID cards, exposing their names, their 12-digit identity numbers and their bank details.

The Unique Identification Authority of India (UIDAI), which manages the Aadhaar program, said 鈥渢here is no truth in this story鈥 in a statement on Saturday.

ZDNet鈥檚 global editor-in-chief Larry Dignan said in an e-mail on Sunday that the publication stood by its report. Mr. Dignan said they spent weeks compiling evidence and verifying facts.

鈥淲e spent weeks reaching out to the Indian authorities, specifically UIDAI, to responsibly disclose the security issue, and we heard nothing back and no action was taken until after we published our story,鈥 said Mr. Dignan.

UIDAI sought to downplay the report stating that even if the claims in the story were true, it would raise security concerns with the database of the utility company and not with the security of UIDAI鈥檚 Aadhaar database.

UIDAI said it is 鈥渃ontemplating legal action against ZDNet.鈥

Many researchers and journalists, who have identified loopholes in India鈥檚 national identity card project, say they have been harassed by some government agencies and slapped with criminal cases because of their work.

Aadhaar is a biometric identification card that is integral to the digitization of India鈥檚 economy. With over 1.1 billion users it is the world鈥檚 largest such database.

Indians have been asked to furnish their Aadhaar numbers for transactions including accessing bank accounts, paying taxes, receiving subsidies, acquiring a mobile number, settling a property deal and registering a marriage.

The government鈥檚 demands for Aadhaar linkage for multiple services is being challenged in India鈥檚 Supreme Court.

Researchers and journalists have highlighted vulnerabilities and data leaks tied to the program. UIDAI last week said the biometric data were safe from hacking as the storage facility was not connected to the Internet. — Reuters

RELATED ARTICLESMORE FROM AUTHOR