The Indian government denied the claims of media reports that personal data of a plethora of users is leaked from CoWIN portal. Leaked Personal data included name, age, gender, mobile number, address, date, and a result of Covid-19 report of scores of people. As per PTI (Personal Identifiable Information) report, the data has been sold on the Raid Forum website. Cybercriminals claim to have the personal data of approximately 20,000 people. The leaked data can be accessed online through Google search as “List of Beneficiaries enrolled for Covid Vaccine”, while using the keywords like RT-PCR results.
A Cyber security researcher, Rajshekhar Rajaharia, in one of his tweets, said, “Personally identifiable information (PII) has been made public through a content delivery network (CDN), and Google has indexed lakhs of these public and private documents possessed by the government”.
In its press release, the government has refuted the claim of data leak through CoWIN portal. “There have been several media reports claiming that the data stored in Co-WIN portal has been leaked online. It is clarified that no data has leaked from Co-WIN portal and the entire data of residents is safe and secure on this digital platform.”
During the pandemic, the government relied on digital technologies to carry out vaccination programs. Moreover, various institutions mandated the use of Arogya Setu for Covid related services and information. This much reliance on technology demands a proper infrastructure well equipped with the data safety mechanism.
– Pallavi Singh
Content Writer, WCSF