New Delhi, June 22: In a major breakthrough, the Delhi Police Special Cell has apprehended a man and a juvenile from Bihar in connection with the alleged data leak from the CoWin portal, the Centre's official platform for Covid-19 vaccination registration and certification. According to police sources, the adult man, whose identity has been withheld pending further investigation, is suspected of being involved in the unauthorised sharing of sensitive vaccination data on the encrypted messaging app, Telegram.
The sources have revealed that the man, believed to be in his late twenties, allegedly gained access to the portal. It is suspected that he illegally obtained confidential information of registered users, including their personal details and vaccination status, and subsequently disseminated this data on Telegram. CoWIN Data Leaked? COVID-19 Vaccination App or Its Database Not Breached Directly, Clarifies Centre After Reports Said Telegram Bot Sharing Private Details of Vaccinated Indians.
The accused person's mother, who works as a healthworker in Bihar, also adds an intriguing twist to the case. Authorities are currently investigating whether her profession provided the arrested individual with any insider knowledge or facilitated his illicit activities. Further details regarding her involvement or potential knowledge of her son's actions are yet to be disclosed by the police.
Earlier this month, the Union Ministry of Health and Family Welfare (MoHFW) had dubbed the alleged data breach of Covid-19 vaccine beneficiaries as "mischievous in nature", saying that the portal is completely safe with adequate safeguards for data privacy. The Ministry also said that it had requested the Indian Computer Emergency Response Team (CERT-In) to look into this issue and submit a report, besides initiating an internal exercise to review the existing security measures of CoWIN. CoWIN Data Leaked? TMC Leader Saket Gokhale Claims Telegram Bot Sharing Aadhaar Card, Mobile Phone Numbers and Other Private Details of All Vaccinated Indians Including Leaders and Journalists.
The Ministry's remarks came after some media reports and social media posts had claimed breach of data of vaccine beneficiaries. "Certain posts on the social media platform Twitter have claimed using a 'Telegram (online messenger application) BOT', the personal data of individuals who have been vaccinated is being accessed."
It was reported that the BOT has been able to pull individual data by simply passing the mobile number or Aadhaar number of a beneficiary. The Ministry had also said that security measures are in place on the CoWIN portal, with Web Application Firewall, Anti-DDoS, SSL/TLS, regular vulnerability assessment, Identity and Access Management.
(The above story first appeared on LatestLY on Jun 22, 2023 03:37 PM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).