ForumIAS announcing GS Foundation Program for UPSC CSE 2025-26 from 19 April. Click Here for more information.
ForumIAS Answer Writing Focus Group (AWFG) for Mains 2024 commencing from 24th June 2024. The Entrance Test for the program will be held on 28th April 2024 at 9 AM. To know more about the program visit: https://forumias.com/blog/awfg2024
Contents
Source: The post is based on the article “CoWIN vaccination data out, Centre denies breach” published in The Hindu on 13th June 2023
What is the News?
The Ministry of Health and Family Welfare has said that reports of data breach of beneficiaries who received COVID vaccination are without any basis and mischievous in nature.It said that CoWIN platform is completely safe with adequate safeguards for data privacy.
What is the CoWIN Platform?
What has happened to the CoWIN Platform?
It has been reported that an automated account on messaging platform Telegram was allegedly sharing sensitive personal information of Indian citizens who signed up for the CoWIN portal for their Covid-19 vaccination.
This information included the Aadhaar and passport numbers of the persons who had signed up for the portal.
The alleged leak could impact more than 100 core individuals who have secured vaccinations after signing up through the CoWIN portal.
This includes more than 4 crore children between the age of 12-14 and over 37 crore people over the age of 45, a significant part of which could be senior citizens.
What is the Centre’s defence in this case?
There are only three ways in which data on CoWIN can be accessed:
– Firstly, a user can access their data on the portal through a one-time password (OTP) sent to their mobile number.
– Secondly, a vaccinator can access the data of a person, and the CoWIN system tracks and records each time an authorized user accesses the system
– Thirdly, third-party applications that have been provided authorized access to CoWIN APIs can access personal level data of vaccinated people after OTP authentication.
Without OTP it is not possible to access data: The government claims that without an OTP, data cannot be shared with the Telegram bot.
On database accessed by Telegram bot: The govt clarified that data being accessed by the bot from a threat actor database seems to have been populated with previously breached/stolen data. The database was other than CoWIN.
