Sensitive Covid Vaccination Data Of Indians On Co-WIN Portal Leaked? This Is What Govt Of India Has Said..


Radhika Kajarekar

Radhika Kajarekar

Jun 14, 2023


Breach of COVID vaccination data of beneficiaries has been alleged on social media platforms, claiming that the Co-WIN portal of the Union Health Ministry has been compromised. 

Sensitive Covid Vaccination Data Of Indians On Co-WIN Portal Leaked? This Is What Govt Of India Has Said..

Reports suggest that the personal data of vaccinated individuals can be accessed using a Telegram BOT by entering the mobile number or Aadhaar number of the beneficiary.

The Press Infomation Bureau has issued a statement regarding this new development. Read on to find out what it says!

Breach of Data Through Co-WIN Did Not Happen?

The Union Health Ministry has clarified that these reports are baseless and misleading. The Co-WIN portal is secure, with measures in place to ensure data privacy. Security features such as a Web Application Firewall, Anti-DDoS, SSL/TLS, regular vulnerability assessment, and Identity & Access Management are implemented on the portal. 

Access to data is OTP authentication-based, providing an additional layer of security. The Ministry assures that all necessary steps have been taken and are being taken to protect the data in the Co-WIN portal.

The Co-WIN portal was developed and is owned and managed by the Ministry of Health and Family Welfare (MoHFW). An Empowered Group on Vaccine Administration (EGVAC), chaired by the former CEO of the National Health Authority (NHA) and consisting of members from MoHFW and MeitY, was responsible for overseeing the development of Co-WIN and making policy decisions.

The Co-WIN data can be accessed at three levels: through the beneficiary dashboard using registered mobile numbers with OTP authentication, by authorized users (vaccinators) with proper login credentials, and by third-party applications authorized to access Co-WIN APIs with beneficiary OTP authentication.

Vaccinated Beneficiaries’ Data Cannot Be Shared Without OTP Authentication

Regarding the Telegram BOT, it is clarified that vaccinated beneficiaries’ data cannot be shared without OTP authentication. Only the year of birth (YOB) is captured for adult vaccination, and there is no provision to capture the address of the beneficiary.

The Co-WIN development team has confirmed that there are no public APIs that allow data retrieval without OTP. While certain APIs have been shared with trusted third parties, such as the Indian Council of Medical Research (ICMR), for data sharing, these APIs are specific and require authentication. The Ministry has requested the Indian Computer Emergency Response Team (CERT-In) to investigate the issue and provide a report. Additionally, an internal review of Co-WIN’s security measures has been initiated.

According to the initial report from CERT-In, the backend database for the Telegram BOT did not directly access the Co-WIN database APIs, further indicating the baseless nature of the alleged data breach.


Radhika Kajarekar
Radhika Kajarekar
  • 815 Posts

Subscribe Now!

Get latest news and views related to startups, tech and business

You Might Also Like

Business
Dec. 8, 2022

Beat The Burden Of Medical Inflation With A Health Insurance

As disease rates rise and medical technology develops, treatment costs climb. It’s essential to understand that medical costs are not exclusively associated with hospitals. The cost of prescription drugs, diagnostic procedures, ambulance and operating room fees, consultations with doctors, and other costs are also constantly increasing. All of them could put a big strain on […]

Business
Dec. 8, 2022

3 Biggest Changes Of iOS 16.2 Update That Every iPhone User Should Know!

In its latest update Apple said that it is preparing for the iOS 16.2 update for iPhones across the world. Notably, like the previous release, there are a couple of changes coming for the iPhones.  iOS 16.2 Update Release Date So far, Apple has not announced a release date for iOS 16.2 update. Reportedly, the […]

Business
Dec. 8, 2022

300 Microsoft Employees Create Employee Union, First Time Ever: This Is How Microsoft Reacted

Around 300 workers at Microsoft Corp.’s ZeniMax Studios have commenced the process of forming a union which is said to be the first at the software giant in the US.  Here, Microsoft Corp.’s ZeniMax Studios known for popular video games including Skyrim and Fallout. Forming Union In Microsoft Corp Moreover, the quality assurance employees at […]

Business
Dec. 7, 2022

India Beats China In Air Travel Safety: Ranking Jumps From 102 To 48 In Global Aviation Safety

India’s air safety protocols and executions have improved drastically over the years, as validated by the findings of a specialized agency of the United Nations, the International Civil Aviation Organization or ICAO. The UN watchdog has upgraded India’s ranking in terms of aviation safety to the 48th position, jumping past the rankings of countries like […]

Recent Posts

Related Videos

   

Subscribe Now!

Get latest news and views related to startups, tech and business

who's online