CoWIN platform is safe, says Indian govt after data breach claims
The leak was first reported on South Asia Index, a news portal. (Picture: CoWIN)
The Union Health Ministry has said that the CoWIN portal is perfectly safe, following reports of a major data lapse on the platform. The personal details of CoWIN (Covid Vaccine Intelligence Network) beneficiaries were allegedly leaked through a Telegram bot. Following the said breach, the personal information of various leaders and bureaucrats became publicly available.
Just IN:— Major data breach in India;
— South Asia Index (@SouthAsiaIndex) June 12, 2023
Personal data of all vaccinated Indians have been leaked online.
☆ Leaked data has Aadhaar, voter ID, Passport numbers & mobile numbers of Indians who got covid-19 vaccines.
Union Ministry of Health responds
- A press release from the Union Health Ministry assured that the data was safe with adequate measures of data privacy on the portal.
𝗖𝗢𝗪𝗜𝗡 𝗗𝗮𝘁𝗮 𝗕𝗿𝗲𝗮𝗰𝗵 #CoWIN portal of Health Ministry @MoHFW_INDIA is Completely Safe with safeguards for Data Privacy.
— Ministry of Health (@MoHFW_INDIA) June 12, 2023
Adequate Security Measures are in place on Co-WIN portal, with Web Application Firewall, Anti-DDoS, SSL/TLS, regular vulnerability assessment,…
- "Adequate security measures are in place on the Co-WIN portal, with web application firewall, Anti-DDoS, SSL/TLS, regular vulnerability assessment, identity & access management etc," the press release added.
With ref to some Alleged Cowin data breaches reported on social media, @IndianCERT has immdtly responded n reviewed this
— Rajeev Chandrasekhar 🇮🇳 (@Rajeev_GoI) June 12, 2023
✅A Telegram Bot was throwing up Cowin app details upon entry of phone numbers
✅The data being accessed by bot from a threat actor database, which seems to…
- The Ministry also sought a report from CERT-In regarding the breach.
-
The press release also said that only OTP authentication-based access to data is provided on the platform to access data.
The opposition's claim
- Trinamool Congress's spokesperson Saket Gokhle, claimed on Twitter, that details of many opposition leaders including Rajya Sabha MP and TMC Leader Derek O'Brien, and former Union Minister P Chidambaram have been leaked.
SHOCKING:
— Saket Gokhale (@SaketGokhale) June 12, 2023
There has been a MAJOR data breach of Modi Govt where personal details of ALL vaccinated Indians including their mobile nos., Aadhaar numbers, Passport numbers, Voter ID, Details of family members etc. have been leaked & are freely available.
Some examples 👇
(1/7)
- He said details of a few journalists have been leaked too.
- Nationalist Congress Party (NCP) MP Supriya Sule also flagged the news of the alleged leak, calling it "deeply concerning and unacceptable", if true, reported India Today.
What is CoWIN?
- The Comprehensive Vaccine Management System (CoWIN) is a centralised platform for registration, appointment scheduling, identity verification, vaccination, and certification for individuals receiving the Covid-19 vaccine in India.
- The platform is also linked with the Aarogya Setu and UMANG apps, meant to fulfil the governance needs of the citizens, which could point to possibilities of much more data being compromised.