In response to the recent claims of a data leak on the CoWIN platform, the Union Health Ministry is actively working on a comprehensive report. Government sources have confirmed that the leaked information is currently being examined to assess the extent and impact of the incident.
The sources have claimed that the CoWIN platform does not collect sensitive personal data such as the date of birth or the address of the individual. The platform solely gathers vaccination-related data, including the date of the first and second doses. This clarification aims to address concerns regarding the nature of the leaked information.
Claims of Data Leak
The claims of the data leak were brought to light by the Malayala Manorama newspaper, which independently verified the incident. Additionally, Saket Gokhale, the national spokesperson for the All India Trinamool Congress, shared screenshots on Twitter, alleging that personal details, such as identification numbers (such as Aadhaar, passport, PAN card), gender, date of birth, and vaccination center details, were exposed. However, Business Today has not independently verified the leaked data on Telegram.
One aspect highlighted in the report is that the leaked data seemed to be connected to registered phone numbers. Initially, all the details associated with individuals who registered under the same phone number were accessible through the Telegram bot. This meant that their information was also available if multiple family members registered using a single phone number.
In contrast, the CoWIN portal implements an additional layer of security by requiring individuals to enter a One Time Password (OTP) received on their registered phone to access detailed information. However, on the Telegram channel, this information was accessible without requiring an OTP.
Also read: Covid jab Covovax to cost Rs 225 per dose; to be available on CoWIN app as heterologous booster
Prominent politicians' and journalists' data were among those allegedly exposed in this breach. Saket Gokhale shared the names of individuals such as Derek O'Brien, P Chidambaram, Jairam Ramesh, K C Venugopal, Rajdeep Sardesai, and Barkha Dutt, alongside screenshots of the leaked data.
The government has yet to respond officially to the allegations, but the incident has raised serious concerns about data security and privacy. The focus now remains on the Union Health Ministry's forthcoming report, which is expected to provide further insights into the data leak and the measures that will be taken to address the issue.