CoWIN Data Leak News: There was a stir throughout the day on Monday (June 12) regarding the news of data leakage from CoWIN, the portal of Covid Vaccination. The central government dismissed the claims of data leakage from the Covin portal as mischievous. Political rhetoric has also taken place regarding this matter. Many opposition leaders targeted the government regarding the data leak. Know the big things related to this event.
1. The government said on Monday that the news claiming that the data of the registered beneficiaries on the Covin platform was leaked is baseless. The country’s nodal cyber security agency ‘Cert-In’ has reviewed the matter. The Health Ministry said that the Covin portal is completely secure with adequate safeguards for data privacy. An internal exercise has been launched to review Covin’s existing security measures.
2. Minister of State for Electronics and Information Technology Rajeev Chandrasekhar said that the Indian Computer Emergency Response Team (CERT-In) stepped in immediately and reviewed the matter. It does not appear that the Kovid app or database has been a direct victim of the breach. He said that a Telegram bot was showing the details of the Kovid app on entering the phone number. The minister said the data was accessed by the bot from a threat actor database, which appears to have been linked with previously stolen data. It does not appear that there has been a direct breach in the Kovid app or database.
3. The Health Ministry said that all security measures are in place on the Covin portal along with web application firewalls. There is only OTP authentication-based access to the data. All steps have been taken and are being taken to ensure the security of data in the Covin Portal. Cert-In has stated in its preliminary report that the backend database for the Telegram bot was not directly accessing the API of the Covin database.
4. The statement said that some Twitter users have claimed that personal data of people who have been vaccinated has been accessed through Telegram (online messenger application) bots. The ministry said that there have been reports that the bot is capable of collecting personal data through mobile number or Aadhaar number of a beneficiary.
5. Covin is developed and managed by the Ministry of Health and Family Welfare. An Empowered Group on Immunization (EGVAC) was constituted to prepare the vaccine and decide on policy issues. The statement said that at present, access to individual-level vaccination beneficiary data is available at three levels. The first is the Beneficiary Dashboard. Under this, the person who has been vaccinated can access the Covin data through the registered mobile number with OTP authentication.
6. Second, Covin is the authorized user who can access the individual level data of the vaccination beneficiaries with the provided authenticated login credentials. Next, there’s API-based access. In this, third party applications that have been granted authorized access to the Covin API can access individual level data of vaccinated beneficiaries only through beneficiary OTP authentication.
7. The statement said that the Covin system monitors and keeps a record of each time an authorized user accesses the Covin system. The ministry said that without OTP, the data of vaccinated beneficiaries cannot be shared with any bot.
8. The ministry said that only the year of birth is recorded for adult vaccinations, but it appears that the media post has claimed that the bot has also mentioned the date of birth. Moreover, there is no provision to enter the address of the beneficiary as well.
9. Opposition parties said on Monday that the matter should be investigated amid reports of a breach in the data of the Covin platform. Congress leaders alleged negligence and said that the government is not taking any action on the Data Protection Bill. Congress MP Karti Chidambaram said that the central government is ignoring the privacy of the citizens. Personal data of every Indian who got vaccinated for Kovid-19 is publicly available. Why is the Government of India not taking action on the Data Protection Bill?
10. Trinamool Congress spokesperson Saket Gokhale said that this is a matter of serious national concern. Ashwini Vaishnav (Information Technology Minister) is the only minister of this department. How long will Prime Minister Modi continue to ignore Vaishnav’s disability. At the same time, the Marxist Communist Party said in a statement that there should be a thorough investigation of this matter.
read this also-