In a significant development following recent reports of a data leak in India’s CoWIN portal, the Delhi Police Special Cell’s Intelligence Fusion & Strategic Operations (IFFSO) unit has made an arrest in Bihar. The apprehended individual is suspected of being responsible for leaking sensitive personal information of politicians, bureaucrats, and others on the social media platform Telegram.
According to police sources the accused allegedly accessed and leaked data from the CoWIN portal, the country’s Covid-19 vaccination tracking platform. It is reported that the man enlisted the help of his mother, who works as a health worker, to gather the information.
The leaked data is said to include Aadhaar numbers, voter IDs, passport numbers, and cellphone numbers of individuals who received Covid-19 vaccines. The news of the data breach was initially brought to light by South Asia Index, a data-driven news portal, in a series of tweets earlier this month. However, the government promptly dismissed the report, asserting that the CoWIN portal was secure and protected individuals’ data privacy.
Responding to the allegations, the Union Health Ministry released a statement emphasizing the safety measures implemented within the CoWIN portal. The ministry stated, “Co-WIN portal of Health Ministry is completely safe with safeguards for data privacy… Only OTP authentication-based Access of Data is provided.”
Union Minister Rajeev Chandrasekhar further explained that a Telegram Bot had revealed CoWIN app details upon the entry of phone numbers. He clarified that the data being accessed by the bot originated from a threat actor database, which appeared to have been populated with previously stolen information. Chandrasekhar highlighted that it did not seem that the CoWIN app or database had been directly breached.
CoWIN, which is integrated with the Aarogya Setu and UMANG Apps, serves as a crucial tool for tracking and managing the country’s Covid-19 vaccination drive. The UMANG (Unified Mobile Application for New-age Governance) platform provides a comprehensive solution for accessing e-Government services at various levels.
As the investigation unfolds, authorities will aim to determine the extent of the data leak and the potential implications for those affected. The incident underscores the importance of robust cybersecurity measures and the need for continuous efforts to safeguard sensitive personal information in the digital age.
The arrest made by the Delhi Police’s IFFSO unit sends a strong message that individuals involved in data breaches and unauthorized access to private information will be held accountable under the law. It is hoped that this arrest will serve as a deterrent to potential perpetrators and encourage further enhancements in data protection systems across government platforms.
Authorities are likely to focus on strengthening security measures, increasing awareness among users, and fostering a culture of data privacy to prevent similar incidents in the future.
Sources By Agencies
