‘Old data, leak allegations being verified,’ say Govt sources.
The personal data of Indian citizens who registered on the CoWIN portal, the government-run Covid vaccination platform, has been leaked and made available on the popular messaging platform, Telegram. The breach reportedly includes sensitive information such as Aadhaar card numbers, PAN card details, and other personal identifying information.
According to a recent report, an individual can enter a mobile number registered with the CoWIN portal into a Telegram bot, which then discloses the individual’s ID card used for vaccination, gender, birth year, name of the vaccination center, and the number of doses administered. This alarming breach means that the Aadhaar card, voter ID, and PAN card numbers of Indian citizens are accessible to anyone on Telegram.
The potential impact of this data breach is significant, as it could affect over 100 crore individuals who have successfully registered and secured vaccinations through the CoWIN portal. Among those impacted are more than 4 crore children between the ages of 12-14 and over 37 crore individuals above the age of 45, a considerable portion of whom are senior citizens.
The seriousness of this breach has prompted the involvement of a technical team from the Health Ministry, which is currently investigating the allegations and verifying the extent of the data leak. All application programming interfaces (API) associated with the CoWIN platform are being thoroughly examined to identify any vulnerabilities or loopholes that may have been exploited.
The Health Ministry is expected to release an official statement soon to provide clarification regarding the alleged breach. Steps are being taken to address the situation promptly and to ensure the privacy and security of individuals’ personal information.
In response to the alarming findings, the bot responsible for publishing the leaked information has been disabled. However, the incident highlights the pressing need for stronger data protection measures and increased cybersecurity efforts, particularly in systems handling sensitive personal data.
The leak of such vast amounts of personal information raises concerns about the potential misuse of this data, including identity theft, financial fraud, and unauthorized access to individuals’ accounts. It underscores the urgency for the government to enhance its cybersecurity infrastructure, prioritize data protection, and establish stringent protocols to prevent future breaches.
Citizens are advised to remain vigilant and take precautions to safeguard their personal information. They should be wary of any suspicious activity related to their personal data and report any such incidents to the relevant authorities.
This breach serves as a wake-up call for both the government and individuals, emphasizing the importance of robust cybersecurity measures and data privacy practices in an increasingly digital world. Efforts must be redoubled to ensure that sensitive personal information remains secure and protected from unauthorized access.
The investigation into the CoWIN data breach is ongoing, and the government is expected to take decisive action to rectify the situation, strengthen cybersecurity infrastructure, and prevent similar incidents from occurring in the future.