Yeah, that means a lot of false data has been added into the system given how widely this patched client has been circulated. I don't know what about this tells you that the database hasn't been compromised?
The first thing that came to my mind when I read the title was that all the biometrics and all were out. Which would have been much worse and which is not the case.
This is equally bad, maybe even more so given there is a good chance that a substantial number of aadhaar accounts are fake. There is, quite simply, no reasonable defense for this state of affairs.
The database has also been compromised in the read direction. In fact, one of the authors of this article, Rachna Khaira, got in hot water with the police earlier this year for reporting on that breach.
That's probably why this article doesn't mention it.
A compromise in this case being that illegitimate entries are being added when they should not be able to. You don’t need write to consider this specific case broken.