The alleged leak of data from the CoWin app has caused concern among government officials, who are worried about the potential consequences of such actions. While the health ministry has officially stated that there was no significant leak in the recent incident, sources have revealed that an internal investigation has been launched to identify possible vulnerabilities and enhance cybersecurity measures. “We have initiated an internal review of CoWin’s existing security measures,” a source commented.
CoWin is a digital platform that is developed, owned, and managed by the health ministry. It serves as a repository for all the data related to individuals who have received the Covid-19 vaccine.
Earlier this week, several social media reports and prominent users alleged that the personal details, including date of birth and home address, of individuals who had been vaccinated against Covid-19 in the country had been compromised through a Telegram bot. However, the government denied these claims.
The Delhi police’s special cell, specifically the Intelligence Fusion & Strategic Operations (IFSO) unit, has apprehended a man and a juvenile from Bihar for their alleged involvement in leaking data from CoWin. The man is said to have shared the data on Telegram. The health ministry has stated that the Indian Computer Emergency Response Team (CERT-In) has been assigned to investigate the matter and provide a report.
“In its initial report, CERT-In has highlighted that the backend database of the Telegram bot did not directly access the CoWin database’s APIs (Application Based Interface),” the ministry explained.