Saturday, April 26, 2025

Two apprehended in CoWin portal data leak case

Date:

Share post:

New Delhi, June 22: In a major breakthrough, the Delhi Police Special Cell has apprehended a man and a juvenile from Bihar in connection with the alleged data leak from the CoWin portal, the Centre’s official platform for Covid-19 vaccination registration and certification.

According to police sources, the adult man, whose identity has been withheld pending further investigation, is suspected of being involved in the unauthorised sharing of sensitive vaccination data on the encrypted messaging app, Telegram.

The sources have revealed that the man, believed to be in his late twenties, allegedly gained access to the portal.

It is suspected that he illegally obtained confidential information of registered users, including their personal details and vaccination status, and subsequently disseminated this data on Telegram.

The accused person’s mother, who works as a healthworker in Bihar, also adds an intriguing twist to the case. Authorities are currently investigating whether her profession provided the arrested individual with any insider knowledge or facilitated his illicit activities.

Further details regarding her involvement or potential knowledge of her son’s actions are yet to be disclosed by the police.

Earlier this month, the Union Ministry of Health and Family Welfare (MoHFW) had dubbed the alleged data breach of Covid-19 vaccine beneficiaries as “mischievous in nature”, saying that the portal is completely safe with adequate safeguards for data privacy.

The Ministry also said that it had requested the Indian Computer Emergency Response Team (CERT-In) to look into this issue and submit a report, besides initiating an internal exercise to review the existing security measures of CoWIN.

The Ministry’s remarks came after some media reports and social media posts had claimed breach of data of vaccine beneficiaries.

“Certain posts on the social media platform Twitter have claimed using a ‘Telegram (online messenger application) BOT’, the personal data of individuals who have been vaccinated is being accessed.”

It was reported that the BOT has been able to pull individual data by simply passing the mobile number or Aadhaar number of a beneficiary.

The Ministry had also said that security measures are in place on the CoWIN portal, with Web Application Firewall, Anti-DDoS, SSL/TLS, regular vulnerability assessment, Identity and Access Management.

IANS

Related articles

CARS24 lays off nearly 200 employees in restructuring exercise

New Delhi, April 26: Autotech platform CARS24 has laid off nearly 200 employees across various functions, as part...

Pak Army official sparks outrage with throat slit gesture at London protest against J&K terror strike

London, April 26: In a deeply controversial moment, a senior official from the Pakistan Army inflamed tensions by...

Gold smuggling case: Karnataka HC dismisses actress Ranya Rao’s bail plea

Bengaluru, April 26: The Karnataka High Court on Saturday dismissed the bail plea of actress Ranya Rao in...

Kailash Mansarovar Yatra to take place between June-August: MEA

New Delhi, April 26: The much-awaited ​Kailash Mansarovar Yatra will take place between June to August, this year,...