Live
- LS polls: PM Modi says BJP-NDA leading 2-0 after first two phases
- Plea in Madras HC seeks special polling arrangement for names 'missing' from Coimbatore voter list
- Ex CM KCR Bus tour on 4 th day
- Youth National Games 2024 kick-start in Delhi; over 5,000 athletes from 15 states vying for top honours
- TN Police warn people against fraudsters using AI-based voice cloning
- L-G office blames Saurabh Bharadwaj for delay in enhancing MCD Commissioner's financial powers
- ICICI Bank posts 17 per cent rise in Q4 net profit at Rs 10,707cr; declares dividend of Rs 10 per share
- 26/11 prosecutor to Mumbai North Central candidate - Ujjwal Nikam all set for 'new innings' with BJP
- CBI traces shop that sold bullets & cartridges seized from Sandeshkhali
- IPL 2024: Rasikh and Mukesh pick three-fers as Delhi Capitals beat Mumbai Indians by 10 runs
Government refutes claims of CoWIN data breach
New Delhi: The government on Monday said reports claiming a breach of data of beneficiaries registered on the CoWIN platform were "mischievous" and...
New Delhi: The government on Monday said reports claiming a breach of data of beneficiaries registered on the CoWIN platform were "mischievous" and "without any basis", and that the matter has been reviewed by the country's nodal cyber security agency CERT-In.
The CoWIN portal is completely safe with adequate safeguards for data privacy, the Health Ministry said in a statement, adding an internal exercise has been initiated to review the existing security measures.
Rajeev Chandrasekhar, the Union Minister of State for Electronics and Information Technology, said the Indian Computer Emergency Response Team (CERT-In) immediately responded and it does not appear that Cowin app or database has been directly breached. He said a Telegram Bot was throwing up Cowin app details upon entry of phone numbers. "The data being accessed by bot from a threat actor database, which seems to have been populated with previously breached/stolen data stolen from past. It does not appear that Cowin app or database has been directly breached," the minister said.
The health ministry said there are reports alleging the breach of data from the CoWIN portal, which is repository of all data of beneficiaries who have been vaccinated against Covid-19.
"It is clarified that all such reports are without any basis and mischievous in nature. Co-WIN portal of Health Ministry is completely safe with adequate safeguards for data privacy," it said.
Furthermore, security measures are in place on CoWIN portal with web application firewall, regular vulnerability assessment, and Identity and Access Management, it said. “Only OTP authentication-based access of data is provided. All steps have been taken and are being taken to ensure security of the data in the CoWIN portal,” the ministry said. “CERT-In in its initial report has pointed out that backend database for Telegram bot was not directly accessing the APIs of CoWIN database,” the statement said. It said certain Twitter users have claimed the personal data of individuals who have been vaccinated is being accessed using a Telegram (online messenger application) Bot. It is reported that the bot has been able to pull individual data by simply passing the mobile number or Aadhaar number of a beneficiary, the ministry said.
