- Govt dismissed media reports claiming that data stored on Co-WIN portal has been leaked online.
- Earlier, reports claimed that leaked data has been put on sale on the Raid Forums website.
- CoWIN collects neither address nor RT-PCR test results for Covid vaccination, govt said.
The Union government on Friday dismissed media reports claiming that the data stored in the Co-WIN portal has been leaked online. The govt, in an official press release, clarified that no data has leaked from the Co-WIN portal and the entire data of residents is safe and secure on this digital platform.
The government also said that it is clarified that while the Union Ministry of Health & Family Welfare will enquire into the substance of the news, prima facie the assertion is not correct, as Co-WIN collects neither the address of the person nor the RT-PCR test results for Covid-19 vaccination.
Earlier, reports claimed that the leaked data has been put on sale on the Raid Forums website where a cybercriminal claims to have personal data of over 20,000 people.
The data put on Raid Forums shows the name, age, gender, mobile number, address, date, and result of the Covid-19 report of these people, it said.
Cyber Security researcher Rajshekhar Rajaharia also tweeted that personally identifiable information (PII) including name and Covid-19 results are made public through a content delivery network (CDN). He said that Google has indexed lakhs of data from the affected system.
Rajaharia in a follow-up tweet on January 20 said that he is not reporting any vulnerability in this incidence but cautioning people to remain alert from fraud calls, offers related to Covid-19, etc that they may get as their data is being sold in the dark web.