Massive CoWIN Data Breach; Personal Details Of Vaccine Recipients Available In Telegram: Report As per the report, the documents related to the mobile number registered in the CoWin portal are available on the channel and is also possible to know which vaccine was administered and where it was administered
By Teena Jose
Opinions expressed by Entrepreneur contributors are their own.
You're reading Entrepreneur India, an international franchise of Entrepreneur Media.
In a major data breach, information of many Indians who took Covid-19 vaccinations after registering on the CoWin app reportedly leaked on a Telegram channel. According to a report by Malayalam news portal The Fourth News, a Telegram bot provided the name, date of birth, gender, phone number, passport or Aadhaar number, ID card used for vaccination, the vaccination centre's name and the number of doses of a person registered with the app if his/her mobile number was entered.
The report further added that the documents related to the mobile number registered in the CoWin portal are available on the channel. It is also possible to know which vaccine was administered and where it was administered.
The list of people whose data has been leaked includes CoWIN chairman RS Sharma, Kerala health minister Veena George, Union minister of state for external affairs Meenakhi Lekhi, Telangana's minister of information and communication technology, Kalvakuntla Taraka Rama Rao (popularly known as KTR), DMK MP (member of Parliament) Kanimozhi Karunanidhi, BJP Tamil Nadu president K Annamalai, Congress MP Karti Chidambaram and former union minister of Health Harsh Vardhan of the BJP, according to the report.
A portal named The News Minute reported that the bot, taken down by 9 am, gave away the complete Aadhaar number but eventually showed only the last four digits. The Aadhaar card, voter ID and PAN card numbers of lakhs of Indians were accessible to anyone on Telegram.
Taking to Twitter, member of Parliament Supriya Sule said, "The government owes us immediate clarification and must ensure those responsible for this breach are held accountable."
Sharing a screenshot of his alleged data leak on the Telegram bot, MP Karti Chidambaram wrote on Twitter, "In its Digital India frenzy, GoI has woefully ignored citizen privacy. Personal data of every single Indian who got COVID-19 vaccination is publicly available, including my own data. Who let this happen? Why is GoI sitting on a data protection law? @AshwiniVaishnaw must answer."
Responding to the data breach, the Ministry of Electronics and Information Technology said as reported by news agency ANI, "It is old data, we are still verifying it. We have sought a report regarding the same."