In a major turn of events, the government's CoWIN portal was the target of a data breach, where users' sensitive personal data was exposed. This raises a huge concern for national security and safety of the citizens of India. The Indian government has now opened up about it. Continue reading to know more.
CoWIN data breach: Government responds, says no direct breach of CoWIN app or database|#shorts
According to widespread claims on social media, a Telegram bot was able to reveal sensitive information about individuals when asked for an individual's phone number. The bot leaked names, Aadhaar numbers, Pan numbers, date of birth, location, gender and the institute where they got vaccinated. This information is the same that an individual had to enter when registering for the CoWIN app.
For the unaware, CoWIN is the Indian government's web portal for COVID-19 vaccination registration. It is managed and operated by the Ministry of Health and Family Welfare.
The same has been confirmed by the Union Minister of State for Entrepreneurship, Skill Development, Electronics and Technology, Rajeev Chandrasekhar via a tweet. However, he claims that the information available to the bot was collected from "previously stolen data." He further adds that the CoWIN database or app has not been directly breached. To reassure the public, he has confirmed that a national data governance policy with uniform data storage, access and security standards has been finalized across government. Referring to some alleged Cowin data breaches reported on social media, @IndianCERT has immediately responded and investigated this ✅A Telegram Bot threw up Cowin app details when entering phone numbers ✅The data accessed by the bot from a threat actor database, which appears… — Rajeev Chandrasekhar 🇮🇳 (@Rajeev_GoI) June 12, 2023