French security expert Elliot Alderson -- who had last month sparked a controversy by asking the Unique Identification Authority of India (UIDAI) to explain why its helpline number was stored on many people's phone without their knowledge -- also joined in the conversation asking the UIDAI to work with the hackers to plug the breach.
"I repeat it: NOTHING IS UNHACKABLE. It does apply for Aadhaar. UIDAI, it's never too late. Listen and work with hackers instead of threatening them. History is looking to you," he said.
According to the HuffPost report, "the patch lets a user bypass critical security features such as biometric authentication of enrolment operators to generate unauthorised Aadhaar numbers".
It also disables the GPS security feature of the software allowing anyone from any location to enrol users.
"The patch reduces the sensitivity of the enrolment software's iris-recognition system, making it easier to spoof the software with a photograph of a registered operator, rather than requiring the operator to be present in person," the report said.
It claimed to have the patch analysed by three internationally reputed experts and two Indian analysts, all of whom confirmed it could be used to breach the Aadhaar software.