Open In App

CoWIN Data Breach

Last Updated : 17 Jan, 2024
Improve
Improve
Like Article
Like
Save
Share
Report

The CoWIN Data Breach is one of the largest data breaches that happened in India. It had data on vaccinated Indians. The CoWIN data breach reportedly happened in June 2023. It raised questions about the security of personal data. Reportedly, it is said that a telegram bot has leaked the data of the CoWIN portal.

According to the government, the data which was breached was old and no telegram bot can take out the data without OTP. The government’s response was ambiguous and it raised questions about data security and protection.

In this article, we will read about the CoWIN Data Breach that happened in June 2023, along with how it leaked, the Government’s response to it, and others in detail.

Also Read: Data Breach

Table of Content

What is CoWIN Portal?

CoWIN is a digital platform which is developed by the Union Ministry of Health and Family Welfare. CoWIN stands for COVID Vaccine Intelligence Network. It is integrated with the Aarogya Setu app. It was developed in 2021.

  • eVIN: It is a vaccine intelligence system. eVIN is responsible for providing real-time feedback on the stock of vaccines, temperature fluctuations power outages, etc
  • Booking slots: It helps in booking slots for COVID-19 vaccinations in nearby areas.
  • Vaccination: It helps in planning, implementation, monitoring, and evaluating COVID-19 vaccination in India.

CoWIN Data Breach Due to Telegram Bot

Telegram bot is an automated response bot that is used for various purposes such as sharing news, quizzes, etc. According to reports when the mobile number was entered into the telegram bot, it was giving personal data of CoWIN users. The name of the user, the place they got vaccinated, and the government ID which was used for verification were released by the government for example Aadhar, passports, etc.

Government Response to the CoWIN Data Breach

According to the government, CoWIN records only the year of birth and not the date of birth.

  • CoWIN doesn’t store the address of a user
  • OTP is needed to access the data and thus telegram bot cannot do it without the OTP
  • The source is not CoWIN directly but some previously breached data was released
  • CERT-In has been asked by the Ministry of Health to investigate and give a report about it
  • According to experts, CoWIN has security flaws and the government has ignored it
  • CoWIN is vulnerable to hackers because it doesn’t use end-to-end encryption or HTTPS protocol for the transmission of data

What is Data Protection?

Protecting data from being compromised and being used illegally. The sensitive data is protected from loss, corruption or damage. The data which is being stored these days has increased drastically and thus, data protection is also needed.

Difference between Personal Data & Non-Personal Data

The difference between personal data and non-personal data is as follows

Personal Data

Non-Personal Data

The data which can be used to identify any individual.

The data which cannot be used to identify any individual.

Different information which can be compiled and used to identify/locate any individual.

No individual can be identified/located by using this data.

People Also Read:

Conclusion – CoWIN Data Breach

The CoWIN data breach raised many questions about data security. It is not certain that the database was compromised. The status of the CERT-In report is still uncertain. There is a need for better data protection measures. There should also be increased transparency about such breach incidents. The incident and well government response are both worrisome.

FAQs on CoWIN Data Breach

What does the alleged CoWIN data leak reveal UPSC?

The personal data of many Indians who got vaccinated was leaked. It included information such as name, place of vaccinations and government ID used during vaccination.

What is the data leak from CoWIN?

It was reported in June 2023, that a telegram bot is giving out information about CoWIN users. It raised many questions about data protection and data security. The information leaked was the place of vaccination, name of the user etc.

What is CoWIN data?

The COVID-19 vaccine intelligence network (CoWIN) portal is used for vaccination purposes. CoWIN has data like the name of the user, place of vaccination, government ID used for verification etc.

What is the government’s defence about the CoWIN data leak?

According to the government, a telegram bot cannot access the data from CoWIN. To access data, an OTP is required. The government also justified that the data which is being used was old data.

What are the concerns raised after the CoWIN data leak?

There are many concerns regarding the CoWIN data leak. The CERT-In report is pending, the government’s response was vague and there is a need for transparency during such incidents.


Like Article
Suggest improvement
Next
What is Data Compliance?
Share your thoughts in the comments

Similar Reads

Effects of Deforestation (With Latest Data 2024)
Classification on Imbalanced data using Tensorflow
Introduction to Augmented Data Structure
Design an efficient data structure for given operations
Persistent data structures
Digital Personal Data Protection Act 2023
Data Structures
LMNs-Data Structure
Complete Guide to Linked List Data Structure
Data Processing Agreement

M
mintupi6b4
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox