With reference to “UIDAI introduces 16-digit 'Virtual ID', limited KYC for Aadhaar holders” (January 11), The Tribune report has clearly set the cat amongst the pigeons. UIDAI is absolutely right when it says that there is no Aadhaar breach but prima facie it appears that some user credentials have been compromised or misused. This is a worrying development and highlights multiple issues. Indians are privacy averse — WhatsApp alone generates reams of data and there are credible reports on how unknown entities can easily monitor group conversations despite “end to end encryption”. Likewise, generation of virtual tokens sounds good in