CoWIN Data Leak: 2 brothers held in Bihar for uploading data on Telegram

New Delhi: In an alleged data breach case reported in Bihar, two persons including a minor were apprehended by the Intelligence Fusion & Strategic Operations (IFSO) unit of the Delhi Police Special Cell in connection with their involvement in the alleged data leak from the CoWIN portal, officials said on Thursday. 

The man is alleged to have used a Telegram app to leak the data, they said. A police officer said the accused was nabbed from his residence in Patna with the help of technical surveillance. 

He said the accused managed to steal the data of a few individuals from Bihar after logging into his mother’s account in the CoWin portal. Preliminary investigation has revealed that the accused hacked the system, created a bot and shared it on social media. It has also emerged that he has not sold the data to anyone, police said.

The official noted that the accused did not have any ulterior motive in doing so. It is suspected he took the assistance of his mother which is why she is also being questioned.

It is reported that entire CoWIN data had been hacked and leaked on Telegram where personal information such as names, mobile numbers, Aadhaar card details, PAN card details, date of birth, and vaccination centre information. In some instances, even the passport details were leaked.

On June 12, reports emerged that a bot on the messaging platform Telegram was allegedly returning the personal data of Indian citizens who registered with the COVID-19 vaccine intelligence network (CoWIN) portal for vaccination purposes. The bot spewed out personal details like name, Aadhaar and passport numbers upon entry of phone numbers.

On the same day, the Health Ministry denied reports of a data breach, and said the allegations were “mischievous in nature.” It added that the Indian Computer Emergency Response Team (CERT-In) was reviewing the existing security infrastructure of the portal. 

Separately, the Minister of State for Electronics and IT Rajeev Chandrasekhar said the nodal cyber security agency had reviewed the alleged breach and found that the CoWIN platform was not “directly breached.”

Also Read:2800 fake COVID vaccination certificates from CoWIN portal, MP Govt orders probe

In a statement, the Union Health Ministry also said that an internal exercise has been initiated to review the existing security measures.

The CoWIN portal is a repository of all data of all those who have been vaccinated against COVID-19 in the country.

"The accused was identified using technical surveillance. He was arrested from his residence in Bihar. We suspect he took his mother’s help to breach the system. He created a bot and shared it on Telegram. We know he was not selling the data to anyone in particular. He tried hacking the system and was successful. When he realised he could put all the data online, he did. We don’t think he had any other ulterior motives" said an officer, reports The Indian Express.

The accused mother is an Auxiliary Nurse Midwife (ANM) in Patna and it is suspected that the duo used the login ID and credentials of their mother to access the data on CoWIN.

According to experts, even ANM workers do not have access to the complete data of the app. They are limited access to data for the people they vaccinate like their phone numbers, dosage information and district centre information.

It came to light that the accused had only access to the data of only a few individuals and were not involved in any kind of “major data breach”. The police have refused to provide much detail into the case since the investigation is under process. 

Also Read:Health Ministry denies reports claiming CoWIN data breach, says will start probe