Long since Narendra Modi became Prime Minister of the nation, he has talked about Digital India. Presently, in India, internet penetration is a mere seven per cent, while those actually who own a smartphone make up roughly 41 per cent of the population.

Narendra Modi has his own app which is separate from the official app which can be downloaded for iPhones, Android devices and Windows phones.

After addressing the nation on November 8, laying temporary but new banking rules till December 31 under his demonetisation drive, the nation has both suffered and rejoiced.

A couple of weeks ago, Narendra Modi wanted the nation to use his app which offered a survey containing 10 questions. The review was to determine if the citizens of India were likely to support demonetisation, or not.

Amidst the hustle-bustle of the payday, on December 1, a 22-year-old hacker cracked the Narendra Modi app. According to a YourStory report, hacker Javed Khatri claimed that he was able to hack the app.

In an email which he sent to YourStory, he wrote:

"I am able to access private data of any user on the app. The data includes phone number, email, name, location, interests, last seen etc. I successfully managed to extract the personal phone numbers and email ids of ministers like Smriti Irani.

"Not only that, I can make any user on the platform follow any other user on the platform. This is just the summary of this huge security loophole which I want to report. The privacy of more than seven million users is at stake if this gets ignored."Javed told YourStory that he did not want to cause any harm but wanted to demonstrate how poor the security of the app is. He even mentioned it was easy for him to hack the app.

@narendramodi_in I have found a security issue in Narendra Modi's app. Would like to report the issue. Javed Khatri (@IamJavedKhatri) December 1, 2016

Javed shared a couple of screenshots in which he gives proof of the hack being legitimate. The grabs have personal data of Dr Jitendra Singh who is the Minister of State for the Ministry of Development of North Eastern Region, which he accessed via the Narendra Modi app.

WHAT WENT WRONG?

According to Javed, skilled app developers test the security of their apps through various penetration tests (a method to check how hack-proof the app is). Clearly, in this case, the app developer of the Narendra Modi app did not authenticate the mechanism rigorously.

The loopholes in the app can be exploited through various methods. This makes the security of the app susceptible to hacks.

A few hours after YourStory put up the story, it was taken down since the online portal had just one side of the story.

Hey @YourStoryCo why did you pull down this story?Seems Modi machinery got busy trying to hide the embarrassment! ???? pic.twitter.com/LSRsRWfCLP FQueued Indn (@i_theindian) December 2, 2016

Later, YourStory released a clarification on the story as well.

BHARATIYA JANATA PARTY SPEAKS

The clarification YourStory released has an official statement from Amit Malviya who is the National Convener - Information and Technology, BJP.

Malviya says that they take security very seriously and the data was encrypted, but Javed had hacked it anyway.

Amit Malviya told YourStory:

"We have come across a report about 'Narendra Modi Mobile App' in which a possibility to access user data has been mentioned.

"We would like to state that most of the data that is shared on the App is, anyway, in the public domain, for instance, comments posted by individual users, various posts, the groups and following list of every user, can be seen by anyone who is using the App. The App doesn't capture any private or sensitive data. App user's information is stored in an encrypted mode.

"We take data security very seriously, and adequate measures are in place to avoid any possible security breach or threat.

"We would like to thank Mr Javed Khatri for acknowledging that the developers have focused a lot on security. We have since had a constructive engagement and discussed various security measures to further enhance the security features of the app.

"Our digital assets are put through routine security audits and are in compliance with extant standards. In fact, we encourage anyone who has any suggestions or inputs on how we can improve the overall experience on the App is welcome to write to us through the feedback section in the App."

HACKATHON

On Wednesday, November 30, Rahul Gandhi's Twitter handle also got hacked and the next day, it was Indian National Congress' Twitter, along with Congress Media Liaison Person Rachit Seth's Twitter account which got hacked the following day.

|| Read: Rahul Gandhi's Twitter account breach makes it a field day for Twitterati ||

|| Read: After Rahul Gandhi's, official account of Congress hacked. Twitterati grab popcorn ||

Opinion: Serious security flaws in NaMo app should leave us all worried