New Delhi: Personal data of over 20,000 people in India has been leaked from a government server, PTI reported.
The information — which includes name, mobile number, address and COVID test result — can be accessed through online search, the report added.
The leaked data, meant for uploading on Co-WIN portal, apparently has been put on sale on Raid Forums website, where a cyber criminal claims to have personal data of around 20,000 people.
The Ministry of Electronics and IT did not respond to an email query on the issue from PTI.
According to cyber security researcher Rajshekhar Rajaharia, personally identifiable information (PII), including names and COVID-19 results, are made public through a content delivery network (CDN) and that Google has indexed lakhs of data from the affected system.
“PII including Name, MOB, PAN, Address etc of #Covid19 #RTPCR results & #Cowin data getting public through a Govt CDN. #Google indexed almost 9 Lac public/private #GovtDocuments in search engines. Patient’s data is now listed on #DarkWeb. Need fast deindex,” Rajaharia tweeted.
