12 June,2023 07:05 PM IST | Mumbai | mid-day online correspondent
Screenshot of leaked details of Congress leader P Chidambaram by Telegram bot (Credit: Saket Gokhale)
Government of India has refuted media reports of a major data breach in the Covid vaccination portal CoWIN. The reports allege a breach of data from the Co-WIN portal of the Union Health Ministry, which is the repository of all data of beneficiaries who have been vaccinated against Covid.
In a statement, the Union Health Ministry said: "Certain posts on the social media platform Twitter have claimed using a Telegram (online messenger application) BOT, the personal data of individuals who have been vaccinated is being accessed. It is reported that the BOT has been able to pull individual data by simply passing the mobile number or Aadhaar number of a beneficiary," the statement said.
Earlier, claims of a massive data breach emerged on Monday. The purported breach has affected all Indian citizens - including high-profile political leaders - who had uploaded their information on the CoWIN vaccination portal. The leaked data is reportedly available on social media platform Telegram and can now be accessed by any user. The data includes personal information of Indian citizens, including their Aadhaar card, and PAN card details.
The list of people whose data has been leaked includes Telangana's minister of information and communication technology, Kalvakuntla Taraka Rama Rao (popularly known as KTR), DMK MP (member of Parliament) Kanimozhi Karunanidhi, BJP Tamil Nadu president K Annamalai, Congress MP Karti Chidambaram and former union minister of Health Harsh Vardhan of the BJP, according to a media report.
ALSO READ
Canada admits to leaking details of Nijjar case to The Washington Post
Govt issues advisory to social media platforms to remove misinformation
Govt asks Meta, X to share data on hoax bomb threats to airlines
Gujarat govt announces Rs 1,419 cr relief package for farmers affected by rains
Indian govt employee charged in foiled murder-for-hire plot in New York City
The development was flagged by Opposition leaders including TMC's Saket Gokhale who tweeted his interactions with the Telegram chatbot.
A news report said that when a mobile number registered with the CoWIN portal is entered, the Telegram bot discloses the number of the ID card used for vaccination along with gender, birth year, and name of the vaccination centre, and his/her doses. With this massive data breach, the Aadhaar card, voter ID, and PAN card numbers of Indian citizens are accessible to anyone on Telegram.
Midday could not independently verify this report.
Sharing the news on her Twitter handle, member of Parliament Supriya Sule said, "The government owes us immediate clarification and must ensure those responsible for this breach are held accountable."
Sharing a screenshot of his alleged data leak on the Telegram bot, MP Karti Chidambaram wrote on Twitter, "In its Digital India frenzy, GoI has woefully ignored citizen privacy. Personal data of every single Indian who got COVID-19 vaccination is publicly available. Including my own data. Who let this happen? Why is GoI sitting on a data protection law? @AshwiniVaishnaw must answer."