New Delhi: Personal information – Aadhaar card, and PAN card details – of Indian citizens, including high-profile political leaders, were reportedly made available on messaging platform Telegram.
According to reports, a Telegram bot was giving away the details of individuals, who registered on the CoWIN app to get their COVID-19 vaccination, including their names, date of birth, phone number and other details provided at the time of registration, such as passport or Aadhaar numbers among others.
TMC national spokesperson Saket Gokhale shared the screenshots of the breach on his official Twitter account. “There has been a MAJOR data breach of Modi Govt where personal details of ALL vaccinated Indians including their mobile nos., Aadhaar numbers, Passport numbers, Voter ID, Details of family members etc. have been leaked & are freely available,” he wrote.
“This is a matter of national concern,” he added.
The developers of the Telegram bot disabled it after Manorama broke the story, The Mint reported. According to the Malayalam daily, the secretary of the Union Health Ministry Rajesh Bhushan was among the victims of the data leak. Details of Ram Sewak Sharma, chairman of CoWin high power panel, Kerala Health Minister Veena George, Congress General Secretary KC Venugopal and Union Minister of State Meenakhi Lekhi were leaked and so also of some other leaders.
Data-driven news portal South Asia Index also put up a series of tweets, stating that details of family members of all COVID-vaccinated Indians had been leaked.
Odisha Bytes could not independently verify the details of the alleged data leak.
Responding to the news report, government officials dismissed hacking of the CoWIN app. They told CNBC TV-18 that there “discrepancies in data leak of the screenshots of the CoWIN app” but added that probe is on to ascertain any unauthorised access to the CoWIN app.
“Co-WIN portal of Health Ministry is completely safe with adequate safeguards for data privacy. Furthermore, security measures are in place on Co-WIN portal, with Web Application Firewall, Anti-DDoS, SSL/TLS, regular vulnerability assessment, Identity & Access Management etc. Only OTP authentication-based access of data is provided. All steps have been taken and are being taken to ensure security of the data in the CoWIN portal,” an PIB release later said.
It further said that the development team of COWIN has confirmed that there are no public APIs where data can be pulled without an OTP. “Union Health Ministry has requested the Indian Computer Emergency Response Team (CERT-In) to look into this issue and submit a report. In addition, an internal exercise has been initiated to review the existing security measures of CoWIN. CERT-In in its initial report has pointed out that backend database for Telegram bot was not directly accessing the APIs of CoWIN database,” it added.
New Delhi: In a major reform, the Income Tax Department will have the authority to check… Read More
Bhubaneswar: The day temperature touched 39 degree Celsius on Tuesday even before the onset of… Read More
Bhubaneswar: Odisha’s talented badminton players Pragati Parida and Vishakha Toppo have been selected to represent… Read More
Mumbai: Actors Katrina Kaif and Neil Nitin Mukesh’s on-screen chemistry in ‘New York’ was loved… Read More
Dubai: Team India broke a jinx by overcoming Australia and marching into the Champions Trophy… Read More
Mayurbhanj: A 40-year-old man on Tuesday surrendered before police in Odisha's Mayurbhanj district after allegedly… Read More
This website uses cookies.
