CoWIN portal is India's Covid-19 vaccination tracking platform.
The Delhi Police have made an arrest in Bihar in connection with the alleged leak of data in the CoWIN portal -- the country's Covid-19 vaccination tracking platform. The man was arrested by the Delhi Police Special Cell's IFFSO (Intelligence Fusion & Strategic Operations) unit.
Sources in the police told NDTV that the man leaked sensitive personal details of politicians, bureaucrats, and others on the social media platform Telegram.
The man, police say, took the help of his mother - a health worker - to gather data from the CoWIN portal.
The leaked data allegedly includes Aadhaar, voter ID, passport numbers and cellphone numbers of those who received Covid-19 vaccines, tweeted South East Asia Index.
The news about the data breach was first carried out by a data-driven news portal South Asia Index in a series of tweets early this month. The government had then rubbished the report, insisting that the CoWIN portal is completely safe.
"Co-WIN portal of Health Ministry is completely safe with safeguards for data privacy... Only OTP authentication-based Access of Data is provided," read a statement from the Union Health Ministry.
Union Minister Rajeev Chandrasekhar tweeted to say that a Telegram Bot revealed CoWIN app details upon entry of phone numbers. "The data being accessed by bot from a threat actor database, which seems to have been populated with previously stolen data stolen in the past. It does not appear that Cowin app or database has been directly breached," Mr Chandrasekhar at the time.
CoWIN is integrated with Aarogya Setu and UMANG Apps. UMANG (Unified Mobile Application for New-age Governance) provides a single platform for access to pan India e-Gov services ranging from Central to local government bodies.