The Centre has asked states to take precautions to ensure that Aadhaar data and other personal details of individuals are not displayed on their official websites, PTI reported . The Information and Technology ministry warned the state that such breaches could attract jail term of up to three years.

“Further publishing of financial information, including bank details being sensitive personal data, is also in contravention of the provisions under IT Act 2000 with violations liable to pay damages by way of compensation to persons affected,” IT secretary Aruna Sundararajan wrote in a letter to the chief secretaries of all states and Union Territories.

She asked the states to ensure that the provisions of the Information Technology Act, 2000, and the Aadhaar Act, 2016, were followed properly. “It is also advised that any such contents already published or still appearing publicly, may be discontinued with immediate effect,” the letter added, according to PTI.

This comes days after personal information of several lakhs of Aadhaar card holders were displayed on a Jharkhand government website. Last month, former Indian cricket team captain MS Dhoni’s Aadhaar details too were leaked on Twitter.

Claims of security breaches in Aadhaar and misuse of biometrics data have been in the news of late. In February, the UIDAI had suspended Axis Bank’s authentication services after allegations of biometrics data being saved illegally. According to government data, the UIDAI has issued 112 crore Aadhaar numbers so far and has maintained that its biometrics database is tamper-proof.