In response to reports that the personal information of people enrolled on the CoWIN portal, the nation’s Covid-19 immunisation tracking tool, had been compromised, the Centre stated that the data there is totally secure. The reports are “mischievous,” according to the Centre.
“Co-WIN portal of Health Ministry is completely safe with safeguards for data privacy… Only OTP authentication-based Access of Data is provided,” read a statement from the Union Health Ministry.
According to a series of tweets this morning from the data-driven news blog South Asia Index, private information on lawmakers, government officials, and others has been exposed on the social networking platform Telegram.
According to a tweet from South East Asia Index, the stolen information includes Aadhaar, voter identification numbers, passport numbers and mobile phones of anyone who received the Covid-19 vaccine. Another tweet stated that “Details of family members of all COVID-19 vaccinated Indians have also been leaked in this major breach.”
The Centre highlighted several security measures in its statement, including “Web Application Firewall, Anti-DDoS, SSL/TLS, routine vulnerability assessment, and Identity & Access Management.”
The government’s computer emergency response team, CERT-In, has been asked to investigate this problem and provide a report, according to the statement from the Union Health Ministry. Rajeev Chandrasekhar, the union’s minister of electronics and technology, tweeted shortly after.
The senior leaders of the Congress, P Chidambaram, Jairam Ramesh, and KC Venugopal, as well as the Rajya Sabha deputy chairman Haribansh Narayan Singh, Rajya Sabha members Sushmita Dev and Abhishek Manu Singhvi, and Shiv Sena’s Sanjay Raut, are all allegedly included in the leaked data, according to the opposition Trinamool Congress.
Even screenshot-looking attachments have been included to his tweets.
Since this morning, the Telegram account that distributed the private information has been dormant. According to reports, the bot displayed the person’s name, the government ID they used to receive their immunisation, and the location of their inoculation. Additionally, it keeps track of the passport numbers and dates of birth of those who updated CoWIN prior to travelling abroad.
CoWIN is linked with UMANG Apps and Aarogya Setu. UMANG (Unified Mobile Application for New-age Governance) offers a centralised platform for access to all e-Government services offered by Indian government entities, from the Central to the local levels.
