2 Likes
Quite a click-bait headline. What CGI provides is something similar to OIDC, a unified sign-in frontend for various eID solutions. They don’t actually handle any eID data. Think similar to the the sign-in page here on Privacy Guides where you have the option to sign-in with multiple providers.
Leaked source code of the old code base. Which is not good. However from my understanding, having read some of the articles and statements from CGI, the new platform (not leaked) are a complete rewrite and no code is shared with the old. Personal data leaked are from some of the staff of CGI, some dummy data for the test servers and some contact information to some of the staff of the eID providers.
2 Likes