The Aadhaar controversy doesn’t seem to end very soon. Very recently, India began investigating a report that has led access to its database of the details of more than a billion citizens, which was apparently being sold for ₹507.12 on social media which can be easily regarded as one of the giant program’s biggest security breaches till date.

To this, the newspaper The Tribune regarded that it has been able to purchase login credentials to the Aadhaar database, enabling it to acquire all the basic information such as names, telephone numbers and the residential addresses of millions of people.

The paper also regarded that it had bought access for as little as ₹500 from someone on a WhatsApp social media group.

According to the Unique Identification Authority of India (UIDAI), which runs the biometric identity card scheme, this case appeared to them as an instance of misuse. Further, they added they had even initiated a police complaint against the people responsible for selling the access, but did not identify them. Crucial data including all the biometric information is all safe and secure, confirmed the agency. The database incorporates fingerprints and iris scans, besides basic information details.

It also added that “Mere display of demographic information can’t be misused without biometrics”, ruling out the financial fraud, enabling that the access to bank accounts required further authentication that involved fingerprint and iris scans.

But this breach is the latest in a program facing increasing scrutiny over privacy concerns and is likely to prompt further questions about data safety.

In fact, India’s Supreme Court is holding continues hearings to decide if a drive by the administration of Prime Minister Narendra Modi to link Aadhaar to private and public services infringes the privacy rights of individuals.