Support

Explore

HomeNo Image is Available
About UsNo Image is Available
AuthorsNo Image is Available
TeamNo Image is Available
CareersNo Image is Available
InternshipNo Image is Available
Contact UsNo Image is Available
MethodologyNo Image is Available
Correction PolicyNo Image is Available
Non-Partnership PolicyNo Image is Available
Cookie PolicyNo Image is Available
Grievance RedressalNo Image is Available
Republishing GuidelinesNo Image is Available

Languages & Countries :






More about them

Fact CheckNo Image is Available
LawNo Image is Available
ExplainersNo Image is Available
NewsNo Image is Available
DecodeNo Image is Available
Media BuddhiNo Image is Available
Web StoriesNo Image is Available
BOOM ResearchNo Image is Available
BOOM LabsNo Image is Available
No Image is Available
Deepfake TrackerNo Image is Available
VideosNo Image is Available

Support

Explore

HomeNo Image is Available
About UsNo Image is Available
AuthorsNo Image is Available
TeamNo Image is Available
CareersNo Image is Available
InternshipNo Image is Available
Contact UsNo Image is Available
MethodologyNo Image is Available
Correction PolicyNo Image is Available
Non-Partnership PolicyNo Image is Available
Cookie PolicyNo Image is Available
Grievance RedressalNo Image is Available
Republishing GuidelinesNo Image is Available

Languages & Countries :






More about them

Fact CheckNo Image is Available
LawNo Image is Available
ExplainersNo Image is Available
NewsNo Image is Available
DecodeNo Image is Available
Media BuddhiNo Image is Available
Web StoriesNo Image is Available
BOOM ResearchNo Image is Available
BOOM LabsNo Image is Available
No Image is Available
Deepfake TrackerNo Image is Available
VideosNo Image is Available
News

"Mischievous": Centre Refutes Reports Of Co-WIN Data Leak

Several media outlets and social media users were able to retrieve sensitive details of many prominent politicians and ministers using a Telegram bot.

By - Archis Chowdhury | 12 Jun 2023 7:50 PM IST

On Monday, following reports of a massive data breach of users of the Co-WIN portal through a Telegram bot, the Ministry of Health and Family Welfare (MoHFW) reassured users of the platform, and stated that Co-WIN user data was safe.

"Co-WIN portal of Health Ministry is Completely Safe with safeguards for Data Privacy," the statement added. However, it failed to address the various allegations raised by media outlets and social media users who claim to have used the bot, and have provided evidence in the form of screenshots containing private data to back their claim.

On Sunday night, Malayalam news portal The Fourth News broke the story of data breach, highlighting how private and sensitive information of users registered on Co-WIN - MoHFW's digital platform for scheduling and certification of COVID-19 vaccines in India - were readily available through a Telegram bot, which has since been deleted.

According to the article, The Fourth News was able to retrieve sensitive details such as date of birth and PAN/Aadhaar/Passport numbers of many prominent politicians and ministers, using either their phone numbers or Aadhaar numbers as a search query.

Media outlet The News Minute also reported having used the Telegram bot before it was deleted, to retrieve the details of several politicians across party lines. It also reported having verified the details with several of the politicians, which reportedly turned out to be authentic. 

Due to the Telegram bot being no longer available at the time of writing this article, BOOM was unable to independently verify the allegations of data leak by The Fourth News and The News Minute.

The Centre, however, refuted these reports, terming them as 'mischievous' and 'without any basis'. The MoHFW spokesperson added, "Only OTP authentication-based access of data is provided. All steps have been taken and are being taken to ensure security of the data in the CoWIN portal."

While the Centre's response cited the existing security measures of the platform as the primary evidence to refute the claims of data breach, it failed to address how private details of prominent political actors were retrieved by media outlets and social media users.

Rajeev Chandrasekhar, the Union Minister of Electronics and Technology, also stated in a tweet that the data being accessed by the Telegram bot used a previously breached database, adding, "It does not appear that Cowin app or database has been directly breached."

According to independent researcher Srinivas Kodali, the Centre's response does not sufficiently address the allegations raised by the media reports and other social media users, and the evidence provided (in the form of screenshots of private data retrieved from the Telegram bot) to back these allegations.

"The information out there does not corroborate what the government is saying. Telling us that there are some security measures does not guarantee that there cannot be a breach," Kodali told BOOM.

He further explains that in potential cases of data breach, such as the alleged Co-WIN user data leak, it is the government's job to investigate and inform the public on how it happened.

"There is evidence that somehow information has leaked. So it's the job of the ministry to investigate now, and they have to tell us exactly how it happened. But they are saying there is no breach, without any investigation" he said.

Kodali also highlight's Chandrasekhar's tweet and questions what the minister was referring to, when he spoke of a previous data breach. "We don't know which data breach he is referring to, and he needs to explain that," he added.

Tags: