News
    TECHNOLOGY
    News
    CoWIN data breach: MoS IT says the leaked data is from ‘previously breached/ stolen data’

    CoWIN data breach: MoS IT says the leaked data is from ‘previously breached/ stolen data’

    Health Ministry says all reports about CoWIN data breach do not have any basis and are mischievous in nature

    The leaked data included identification number including Aadhaar, passport or PAN card, gender, date of birth and vaccination centre where the user received the shot.
    Priya Singh
    • Jun 12, 2023,
    • Updated Jun 12, 2023, 5:16 PM IST

    A major data breach outing personal details of users via government's CoWIN portal on Telegram was reported on June 12. Union Minister of IT Rajeev Chandrasekhar has acknowledged the breach revealing that the data that has surfaced is from previously breached or stolen data. In a tweet, he added that the CoWIN app or database did not get breached directly.

    The minister further clarified, “National Data Governance policy has been finalized that will create a common framework of Data storage, Access and Security standards across all of govt.”

    It was reported that the personal user details leaked on Telegram included identification number including Aadhaar, passport or PAN card, gender, date of birth and vaccination centre where the user received the shot. In case users used mobile number instead of Aadhaar number, the information could still be accessed.

    In addition to this, the passport numbers of individuals who updated their CoWIN portal for international travel were also exposed.

    Health Ministry acknowledges CoWIN data breach

    As per the official statement by Government of India, “It is clarified that all such reports are without any basis and mischievous in nature. Co-WIN portal of Health Ministry is completely safe with safeguards for data privacy. All reports of data breach are without any basis and mischievous in nature. Health Ministry has requested CERT-In to look into this issue & submit a report”.

    The Health Ministry has clarified that without OTP vaccinated beneficiaries’ data cannot be shared to any BOT. For adult vaccination, only Year of Birth (YOB) is captured but it seems that on media posts it has been claimed that BOT also BOT mentioned date of Birth (DOB). The ministry further informed that there is no provision to capture address of beneficiary.

    The official statement further states, “Union Health Ministry has requested the Indian Computer Emergency Response Team (CERT-In) to look into this issue and submit a report. In addition, an internal exercise has been initiated to review the existing security measures of CoWIN.”

    Also Read: 

    Religious conversion via online games: Prime accused arrested in Thane; MoS reacts

    ‘We should not consider Sam Altman anything other than an important man in AI’: MoS IT

    CoWIN data leak on Telegram? Aadhaar, PAN, address of users made public: Report

    For Unparalleled coverage of India's Businesses and Economy – Subscribe to Business Today Magazine

    TAGS:
    Read more!
    RECOMMENDED