This article is from the source 'bbc' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at https://www.bbc.co.uk/news/world-asia-india-65880173
The article has changed 3 times. There is an RSS feed of changes available.
| Version 1 | Version 2 |
|---|---|
| Covid database: India's health ministry denies major breach | Covid database: India's health ministry denies major breach |
| (about 4 hours later) | |
| The CoWin database contains confidential personal information on millions of people | The CoWin database contains confidential personal information on millions of people |
| The Indian health ministry has denied reports of a major leak of personal data from its Covid vaccination database. | The Indian health ministry has denied reports of a major leak of personal data from its Covid vaccination database. |
| In a statement it said "all such reports are without any basis and mischievous in nature", but it has ordered an official investigation into the matter. | In a statement it said "all such reports are without any basis and mischievous in nature", but it has ordered an official investigation into the matter. |
| The health ministry's CoWin database contains the personal details of millions of people. | The health ministry's CoWin database contains the personal details of millions of people. |
| Allow Twitter content? | Allow Twitter content? |
| This article contains content provided by Twitter. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. You may want to read Twitter’s cookie policy, external and privacy policy, external before accepting. To view this content choose ‘accept and continue’. | This article contains content provided by Twitter. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. You may want to read Twitter’s cookie policy, external and privacy policy, external before accepting. To view this content choose ‘accept and continue’. |
| There does, however, appear to be some disagreement within the Indian government over the alleged data breach. | There does, however, appear to be some disagreement within the Indian government over the alleged data breach. |
| The Minister of Electronics and Technology, Rajeev Chandrasekhar, released a statement via Twitter saying an initial investigation had already indicated that there had been a leak of CoWin data. | The Minister of Electronics and Technology, Rajeev Chandrasekhar, released a statement via Twitter saying an initial investigation had already indicated that there had been a leak of CoWin data. |
| He said that a bot, accessible via the Telegram messaging service was "throwing up CoWin app details upon entry of phone numbers". | He said that a bot, accessible via the Telegram messaging service was "throwing up CoWin app details upon entry of phone numbers". |
| Allow Twitter content? | Allow Twitter content? |
| This article contains content provided by Twitter. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. You may want to read Twitter’s cookie policy, external and privacy policy, external before accepting. To view this content choose ‘accept and continue’. | This article contains content provided by Twitter. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. You may want to read Twitter’s cookie policy, external and privacy policy, external before accepting. To view this content choose ‘accept and continue’. |
| Mr Chandrasekhar said initial investigations by the Indian Computer Emergency Response Team (IndianCert) had found that the data of millions of Indians that had been "previously breached or stolen" from the Covid vaccine database, had been accessible. | Mr Chandrasekhar said initial investigations by the Indian Computer Emergency Response Team (IndianCert) had found that the data of millions of Indians that had been "previously breached or stolen" from the Covid vaccine database, had been accessible. |
| Has there been a leak? | Has there been a leak? |
| A local Indian media outlet first reported on the alleged leak in a YouTube video showing how a Telegram bot was revealing up information on well-known politicians in the southern state of Kerala. | A local Indian media outlet first reported on the alleged leak in a YouTube video showing how a Telegram bot was revealing up information on well-known politicians in the southern state of Kerala. |
| The Malayalam media outlet called 'The Fourth' showed how it was possible to obtain personal data such as a date of birth, the identity document used for registering a Covid vaccination, the location of where the first dose was received, the gender and the phone number of an individual. | The Malayalam media outlet called 'The Fourth' showed how it was possible to obtain personal data such as a date of birth, the identity document used for registering a Covid vaccination, the location of where the first dose was received, the gender and the phone number of an individual. |
| Other news outlets subsequently checked the bot and verified that the personal details of prominent individuals they obtained were indeed accurate. | Other news outlets subsequently checked the bot and verified that the personal details of prominent individuals they obtained were indeed accurate. |
| It is no longer possible to access this bot. | It is no longer possible to access this bot. |
| A Telegram spokesperson told the BBC that such bots breach the platform's terms of service. | A Telegram spokesperson told the BBC that such bots breach the platform's terms of service. |
| "Telegram's moderators routinely remove private data published without consent - as was the case for this bot." | "Telegram's moderators routinely remove private data published without consent - as was the case for this bot." |
| Srikanth Lakshman, a digital identity expert who accessed the bot before it became inactive, said that information relating to both minors and adults had been available. | |
| "Only the CoWin database is supposed to have this kind of detail" he told the BBC. | "Only the CoWin database is supposed to have this kind of detail" he told the BBC. |
| Several cyber security experts have express concerns after the incident was reported and pointed out that no security alert was issued by India's Computer Emergency Response Team. | Several cyber security experts have express concerns after the incident was reported and pointed out that no security alert was issued by India's Computer Emergency Response Team. |
| Has this happened before? | Has this happened before? |
| In June 2021, there were claims that the CoWin portal had been hacked resulting in the sale of data relating to 150 million Indians. The Indian government denied that this had happened. | In June 2021, there were claims that the CoWin portal had been hacked resulting in the sale of data relating to 150 million Indians. The Indian government denied that this had happened. |
| Then in January last year, when similar reports of a data breach emerged, the chief of the National Health Authority, Ram Sewak Sharma, responded saying the database was "safe and secure". | Then in January last year, when similar reports of a data breach emerged, the chief of the National Health Authority, Ram Sewak Sharma, responded saying the database was "safe and secure". |
| Related Topics | Related Topics |
| Data breaches | Data breaches |
| Asia | Asia |
| Coronavirus vaccines | Coronavirus vaccines |
| India | India |