India investigates reports of Covid-19 portal breach, data leak
Sign up now: Get insights on Asia's fast-moving developments
Users posted screenshots of a bot using Telegram to pull individual data from phone numbers entered in the CoWIN vaccine portal.
PHOTO: @RJDFORINDIA/TWITTER
Follow topic:
DELHI – India’s government is investigating reports that a Health Ministry portal containing personal data of anyone in the country who has received a Covid-19 vaccination was breached.
Across Twitter, users have posted screenshots of a bot using Telegram, an encrypted messaging app, to pull individual data from mobile phone numbers entered into the portal.
Among the personal details revealed were a person’s social security number, passport number and date of birth. The leak could potentially affect more than one billion Indian citizens who were administered at least one vaccine dose.
Mr Rajeev Chandrasekhar, India’s Minister of State for Electronics and Information Technology, said on Twitter that while the bot was “throwing up” details from the CoWIN vaccine portal, it does not appear to be a direct breach.
India’s Health Ministry said in a statement on Monday that the reports were “without any basis and mischievous in nature”, adding that the portal was “completely safe with adequate safeguards for data privacy”.
Telegram said they have taken down the bot.
“Telegram moderators routinely take down any private data shared without consent, and this has also been done in the case of this bot,” the spokesman said on Monday. BLOOMBERG
