Personal information of several lakhs of Aadhaar card holders was displayed on a Jharkhand state government website till it was taken down on Saturday, Hindustan Times reported. The breach came to light when the Ranchi Unique Identity Authority of India informed the state’s Department of Women and Child and Social Security about the breach.

The website illegally displayed the names, addresses, Aadhaar details and bank account numbers of pension scheme beneficiaries. Aadhaar authorities had not responded to the Hindustan Times’ questions on the breach, the publication said. It is not known for how long the information was in the public domain.

The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016, prohibits the publishing, display or posting publicly of a person’s Aadhaar details with the exception of certain regulations.

The department, however, had withdrawn the information by Saturday evening. “We got a call from the UIDAI cell telling us that the Aadhaar numbers of pension beneficiaries were being displayed on the website,” Social Security Director Ram Parvesh, The Indian Express reported. “We are aware of the seriousness [of the matter] and we will try to find out how and from where did this mistake happen.”

Parvesh said the unit responsible for the violation “worked under the control of the authorities”. The state website in question states that more than 15 lakh of the 16 lakh pension beneficiaries in state had submitted their Aadhaar details.

The Centre’s persistence in expanding the scope of the initiative has been criticised by the Supreme Court, which has insisted that the programme be made optional.

On April 19, the UIDAI had filed a First Information Reports against eight websites for collecting Aadhaar-related data from citizens in an unauthorised manner. It had shut down several websites and applications offering Aadhaar-related services to prevent citizens from being harassed.