While denying direct breach of people’s data on CoWIN platform, Union minister says the bot is giving out details upon entry of phone numbers
A health worker enters data, as another vaccinates a woman against COVID-19, in Hyderabad. File Pic/AFP
Union Minister of State for Information Technology said Rajeev Chandrasekhar on Monday asserted that it does not appear that CoWIN app or database has been directly breached. He added that Indian Computer Emergency Response Team (CERT-In) immediately responded and reviewed the matter.
ADVERTISEMENT
“The data being accessed by bot from a threat actor database, which seems to have been populated with previously breached/stolen data stolen from past. It does not appear that CoWIN app or database has been directly breached.”
Rajeev Chandrasekhar, Union minister
The Union Health Ministry said reports claiming breach of data on the CoWIN platform were “without any basis” and “mischievous” in nature. “CERT-In in its initial report has pointed out that backend database for Telegram bot was not directly accessing the APIs of CoWIN database,” the ministry said in a statement.
It is reported that the bot has been able to pull individual data by simply passing the mobile number or Aadhaar number of a beneficiary, it said.
According to reports, information including a person’s phone number, gender, ID card details, last four digits of Aadhaar, and the name of the centre where the vaccine was received were also leaked on the channel. Opposition parties demanded an inquiry into claims about breach of data.
TMC’s Saket Gokhale claimed that individuals whose data has been breached include several Opposition leaders like Rajya Sabha MP and TMC leader Derek O’Brien, former Union minister P Chidambaram, Congress leaders Jairam Ramesh and KC Venugopal and Rajya Sabha MPs Sushmita Dev, Abhishek Manu Singhvi, and Sanjay Raut. He also named several journalists.
This story has been sourced from a third party syndicated feed, agencies. Mid-day accepts no responsibility or liability for its dependability, trustworthiness, reliability and data of the text. Mid-day management/mid-day.com reserves the sole right to alter, delete or remove (without notice) the content in its absolute discretion for any reason whatsoever