CoWIN COVID-19 Vaccination Data Leak Claim Refuted by the Government, Investigation Initiated

The Indian Computer Emergency Response Team (CERT-In) is investigating the matter reported online.

By Jagmeet Singh | Updated: 11 June 2021 11:35 IST

CoWIN COVID-19 Vaccination Data Leak Claim Refuted by the Government, Investigation Initiated

CoWIN stores all the vaccination data in a “safe and secure” environment, government said

Highlights

CoWIN data leak claim came in circulation on social media
The government responded to the claim and provided clarification
CoWIN data leak reports are called fake by the government

CoWIN data leak claim that was made on the dark Web and circulated on social media on Thursday has been denied by the government. In response to the social media posts alleging the sale of data pertaining to 150 million people vaccinated by the COVID-19 vaccines in the country, the Ministry of Health and Family Welfare said that prima facie, the reports appeared to be fake. The ministry claimed that all the vaccination data it collected through the CoWIN platform was stored in a “safe and secure digital environment” and was not shared with any third parties.

Through a brief statement released while responding to the data leak claims, the ministry notified that despite initially considering the reports fake, the matter is being investigated by the Indian Computer Emergency Response Team (CERT-In) of the Ministry of Electronics and Information Technology (MeitY).

“Our attention has been drawn towards the news circulating on social media about the alleged hacking of CoWIN system. In this connection we wish to state that CoWIN stores all the vaccination data in a safe and secure digital environment,” said RS Sharma, Chairman of the Empowered Group on Vaccine Administration.

Samsung Wins Patent for a Tri-Fold Smartphone With Specialised Barrier Layer for Improved Durability

Cybercrime intelligence platform DarkTracer first brought the matter into limelight on Thursday when it tweeted a screenshot showing the sale of data allegedly related to 150 million people vaccinated in the country. A reseller on the dark Web named Dark Web Market was claimed to have that data for sale at $800 (roughly Rs. 58,300). The listing by the reseller alleged that the data included name, mobile number, Aadhaar ID, and geolocation information about the affected people.

Sharma dismissed the claim and said that no CoWIN data was shared with any entity outside the CoWIN environment. “The data being claimed as having been leaked, such as geo-location of beneficiaries, is not even collected at CoWIN,” he added.

In addition to the government's response, cybersecurity expert Rajshekhar Rajaharia refuted the data leak claim made by the reseller. He stated on Twitter that it was nothing but a scam.

COVID-19 Vaccination Survey: Pick Up If You Get a Call From 1921 — Here’s Why

[Alert] #CowinPortal Not Hacked!! Some Fake
#DarkwebLeakMarket are claiming to sell data of 150 Million COVID19 Vaccinated People of India. It's completely fake. It's a Bitcoin Scam. Don't Trust. Check Screenshots. They are listing fake leaks. #Infosec @journoprasoon @ETtech pic.twitter.com/c39IGDT4dz

— Rajshekhar Rajaharia (@rajaharia) June 10, 2021

Bengaluru-based security researcher Karan Saini also pointed out that the data sample suggesting the hack has not yet been seen. Although the reseller on the dark Web is claiming to offer some data for a sample, it has not been provided for free access. This is unusual as hackers on the dark Web often provide free samples of the data they are selling.

For Telegram, CoWIN Vaccine Alert Bots Provided Unplanned Growth

would advise folks to be cautious of 'alerts' posted here by companies that have a self-serving financial interest in creating/spreading FUD around data leaks, ty
— Karan Saini (@squeal) June 10, 2021

The government takes COVID-19 vaccine registrations through Aarogya Setu and Umang apps — in addition to the CoWIN portal. It also recently made guidelines to allow booking of the vaccines through third-party apps. However, CoWIN has so far been used as a centralised platform for COVID-19 vaccine registrations across the country.

How to Download COVID-19 Vaccine Certificate

According to the latest data available on the CoWIN dashboard, the platform processed more than 27 crore registrations and enabled over 24 crore vaccination doses.

What is the best phone under Rs. 30,000 in India right now? We discussed this on Orbital, the Gadgets 360 podcast. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.