📣 Send us your press release
Site updates every 15 minutes
Technology

UMANG Platform Security Flaws Exposed User Data

Security researchers have identified multiple vulnerabilities in India's UMANG platform that could have exposed user data across several government services. The Ministry of Electronics and Information Technology has acknowledged the issues and is implementing fixes.

14 July 2026
UMANG Platform Security Flaws Exposed User Data
Image is an AI-generated illustration

Multiple security vulnerabilities have been discovered in India's UMANG platform, a government-backed service integrating various public services. Researchers found that these flaws could have exposed users' personal information across sensitive government services, including the Employees' Provident Fund Organisation (EPFO) and LPG booking systems.

The vulnerabilities reportedly stem from the platform's underlying architecture rather than individual integrated services. According to the researchers, sensitive details such as EPFO Universal Account Numbers (UANs), LPG cylinder booking information, and Aadhaar numbers were stored in plaintext, increasing the risk of unauthorized access.

The Ministry of Electronics and Information Technology (MeitY) has acknowledged the findings and stated that corrective measures are underway. The ministry confirmed that plaintext information in the affected APIs has been encrypted and that the platform is under continuous monitoring. Transaction logs have been reviewed, showing no unusual activity.

However, the researchers have expressed doubts about the sufficiency of the implemented fixes, citing fundamental design issues and suggesting that the new encryption measures may be bypassable. Independent security analysts have described the vulnerabilities as significant, warning of potential misuse by cybercriminals.

Original source: medianama.com