Data security shouldn’t be political. It applies to all of us. Each one of us. Which is why this story is important.

The morning of December 2, news portal YourStory published an unsigned story titled “22-year-old hacker from Mumbai hacks Narendra Modi app, exposes threat to 7 million user data”. In it Javed Khatri, a 22-year old mobile developer from Mumbai, makes the following claim:

“I am able to access private data of any user on the app. The data includes phone number, email, name, location, interests, last seen etc. I successfully managed to extract the personal phone numbers and email ids of ministers like Smriti Irani (screenshot at the end of the article). Please find attached the screenshot.

“Not only that, I can make any user on the platform follow any other user on the platform. This is just the summary of this huge security loophole which I want to report. The privacy of more than seven million users is at stake if this gets ignored.”

The app Khatri was referring to was the official Android app of Indian Prime Minister Narendra Modi (NaMo app, for short), with over 7 million users.

Yet within hours, the story had vanished entirely from YourStory’s site, with the site implementing an HTTP 302 to redirect visitors to its home page instead. After radio silence from the site all through the day as social media users pilloried it for having deleted the article without any explanation, it put out a clarification later that evening.

Khatri’s website went down as well (and still was, at the time of writing this article), though it isn’t clear whether that was intentional or not.

Except for a handful of smaller players, none of the leading Indian newspapers, TV channels or online news portals covered the news. It was as if this never happened.

That’s not even the shocking part. It is this: this flaw was reported more than a year ago and even now hasn’t been properly fixed.

This “non-hack” — since it exploits some very basic flaws, making it like picking a lock made of paper — is a significant one because it sits at the intersection of various trends like digital citizen-government interactions, exploding mobile usage especially by first-time technology users, data security, and legal protection. Understanding this will require some patience, so with sleeves rolled up, let’s dive in.

Technology enables, technology exposes

How does the Narendra Modi app work?  It has a great many features, including a newsfeed, a social network, a survey component, etc., and also has gamification in the form of badges.  People are encouraged to provide personal details, being told that registration will enable them to: “join the conversation and be heard”, “contribute with special tasks”, “earn special credit points for every activity on the app”, and “receive personalised birthday greetings directly from PM Modi”. 


Pranesh Prakash

Pranesh Prakash is a Policy Director at — and was part of the founding team of — the Centre for Internet and Society, a Bangalore-based non-profit that engages in research and policy advocacy. He is also the Legal Lead at Creative Commons India, and has been an Access to Knowledge Fellow at the Yale Law School's Information Society Project, and on the Executive Committee of the NCUC at ICANN. He has a degree in arts and law from the National Law School in Bangalore, and while there he helped found the Indian Journal of Law and Technology, and was part of its editorial board for two years.

View Full Profile

Available exclusively to subscribers of The Ken India

This story is a part of The Ken India edition. Subscribe. Questions?


Annual Subscription

12-month access to 200+ stories, archive of 800+ stories from our India edition. Plus our premium newsletters, Beyond The First Order and The Nutgraf worth Rs. 99/month or $2/month each for free.

Rs. 2,750


Quarterly Subscription

3-month access to 60+ new stories with 3-months worth of archives from our India edition. Plus our premium newsletters, Beyond The First Order and The Nutgraf worth Rs. 99/month or $2/month each for free.

Rs. 1,750


Single Story

Instant access to this story for a year along with comment privileges.

Rs. 500


Annual Subscription

12-month access to 150+ stories from Southeast Asia.

$ 120


Quarterly Subscription

3-month access to 35+ stories from Southeast Asia.

$ 50


Single Story

Instant access to this story for a year along with comment privileges.

$ 20



What is The Ken?

The Ken is a subscription-only business journalism website and app that provides coverage across two editions - India and Southeast Asia.

What kind of stories do you write?

We publish sharp, original and reported stories on technology, business and healthcare. Our stories are forward-looking, analytical and directional — supported by data, visualisations and infographics.

We use language and narrative that is accessible to even lay readers. And we optimise for quality over quantity, every single time.

What do I get if I subscribe?

For subscribers of the India edition, we publish a new story every weekday, a premium daily newsletter, Beyond The First Order and a weekly newsletter - The Nutgraf.

For subscribers of the Southeast Asia edition, we publish a new story three days a week and a weekly newsletter, Strait Up.

The annual subscription will get you complete, exclusive access to our archive of previously published stories for your edition, along with access to our subscriber-only mobile apps, our premium comment sections, our newsletter archives and several other gifts and benefits.

Do I need to pay separately for your premium newsletters?

Nope. Paid, premium subscribers of The Ken get our newsletters delivered for free.

Does a subscription to the India edition grant me access to Southeast Asia stories? Or vice-versa?

Afraid not. Each edition is separate with its own subscription plan. The India edition publishes stories focused on India. The Southeast Asia edition is focused on Southeast Asia. We may occasionally cross-publish stories from one edition to the other.

Do you offer an all-access joint subscription for both editions?

Not yet. If you’d like to access both editions, you’ll have to purchase two subscriptions separately - one for India and the other for Southeast Asia.

Do you offer any discounts?

No. We have a zero discounts policy.

Is there a free trial I can opt for?

We don’t offer any trials, but you can sign up for a free account which will give you access to the weekly free story, our archive of free stories and summaries of the paid stories. You can stay on the free account as long as you’d like.

Do you offer refunds?

We allow you to sample our journalism for free before signing up, and after you do, we stand by its quality. But we do not offer refunds.

I am facing some trouble purchasing a subscription. What can I do?

Please write to us at [email protected] detailing the error or queries.