CoWIN COVID-19 Vaccination Data Leak Claim Refuted by the Government, Investigation Initiated

The Indian Computer Emergency Response Team (CERT-In) is investigating the matter reported online.

CoWIN COVID-19 Vaccination Data Leak Claim Refuted by the Government, Investigation Initiated

CoWIN stores all the vaccination data in a “safe and secure” environment, government said

Highlights
  • CoWIN data leak claim came in circulation on social media
  • The government responded to the claim and provided clarification
  • CoWIN data leak reports are called fake by the government

CoWIN data leak claim that was made on the dark Web and circulated on social media on Thursday has been denied by the government. In response to the social media posts alleging the sale of data pertaining to 150 million people vaccinated by the COVID-19 vaccines in the country, the Ministry of Health and Family Welfare said that prima facie, the reports appeared to be fake. The ministry claimed that all the vaccination data it collected through the CoWIN platform was stored in a “safe and secure digital environment” and was not shared with any third parties.

Through a brief statement released while responding to the data leak claims, the ministry notified that despite initially considering the reports fake, the matter is being investigated by the Indian Computer Emergency Response Team (CERT-In) of the Ministry of Electronics and Information Technology (MeitY).

“Our attention has been drawn towards the news circulating on social media about the alleged hacking of CoWIN system. In this connection we wish to state that CoWIN stores all the vaccination data in a safe and secure digital environment,” said RS Sharma, Chairman of the Empowered Group on Vaccine Administration.

Cybercrime intelligence platform DarkTracer first brought the matter into limelight on Thursday when it tweeted a screenshot showing the sale of data allegedly related to 150 million people vaccinated in the country. A reseller on the dark Web named Dark Web Market was claimed to have that data for sale at $800 (roughly Rs. 58,300). The listing by the reseller alleged that the data included name, mobile number, Aadhaar ID, and geolocation information about the affected people.

Sharma dismissed the claim and said that no CoWIN data was shared with any entity outside the CoWIN environment. “The data being claimed as having been leaked, such as geo-location of beneficiaries, is not even collected at CoWIN,” he added.

In addition to the government's response, cybersecurity expert Rajshekhar Rajaharia refuted the data leak claim made by the reseller. He stated on Twitter that it was nothing but a scam.

 

Bengaluru-based security researcher Karan Saini also pointed out that the data sample suggesting the hack has not yet been seen. Although the reseller on the dark Web is claiming to offer some data for a sample, it has not been provided for free access. This is unusual as hackers on the dark Web often provide free samples of the data they are selling.

 

The government takes COVID-19 vaccine registrations through Aarogya Setu and Umang apps — in addition to the CoWIN portal. It also recently made guidelines to allow booking of the vaccines through third-party apps. However, CoWIN has so far been used as a centralised platform for COVID-19 vaccine registrations across the country.

According to the latest data available on the CoWIN dashboard, the platform processed more than 27 crore registrations and enabled over 24 crore vaccination doses.


What is the best phone under Rs. 30,000 in India right now? We discussed this on Orbital, the Gadgets 360 podcast. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, Amazon Music and wherever you get your podcasts.
Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Jagmeet Singh writes about consumer technology for Gadgets 360, out of New Delhi. Jagmeet is a senior reporter for Gadgets 360, and has frequently written about apps, computer security, Internet services, and telecom developments. Jagmeet is available on Twitter at @JagmeetS13 or Email at jagmeets@ndtv.com. Please send in your leads and tips. More
Twitter Suspension in Nigeria: US Condemns Move, Calls for Decision Reversal
Elden Ring Gameplay Trailer Unveiled With January 2022 Release Date

Related Stories

Share on Facebook Tweet Snapchat Share Reddit Comment
 
 

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2021. All rights reserved.
Listen to the latest songs, only on JioSaavn.com