Government to probe alleged CoWin data leak, MoS Rajeev Chandrasekhar says not a direct breach
Cert-In was asked to probe as to how a bot on the instant messaging app Telegram was able to provide details of a person’s vaccination date, the place where they were vaccinated against Covid-19, along with the date of birth of the person
ETtech
The government has asked the Indian Computer Emergency Response Team (Cert-IN) to probe the alleged leak of personal details from the national vaccination portal CoWin and submit the report within a month, a senior government official said.
Cert-In was asked to probe as to how a bot on the instant messaging app Telegram was able to provide details of a person’s vaccination date, the place where they were vaccinated against Covid-19, along with the date of birth of the person, the official said, adding that these details are likely from datasets that had been stolen earlier.
Later in the day, the minister of state for electronics and information technology Rajeev Chandrasekhar said that an initial probe from Cert-In had indicated that neither the Co-Win app nor the database had been breached.
“A Telegram Bot was throwing up Cowin app details upon entry of phone numbers. The data being accessed by bot from a threat actor database, which seems to hv been populated wth previously stolen data stolen in the past.It does not appear that Cowin app or database has been directly breached,” Chandrasekhar said in a tweet.
The ministry of family health and welfare also asserted that CoWin remained safe and that there had been no breaches.
Telegram claimed that the bot was removed on Monday morning. "Telegram's moderators routinely remove private data published without consent – as was the case with this bot," it said in an email.
Cert-In was asked to probe as to how a bot on the instant messaging app Telegram was able to provide details of a person’s vaccination date, the place where they were vaccinated against Covid-19, along with the date of birth of the person, the official said, adding that these details are likely from datasets that had been stolen earlier.
Later in the day, the minister of state for electronics and information technology Rajeev Chandrasekhar said that an initial probe from Cert-In had indicated that neither the Co-Win app nor the database had been breached.
“A Telegram Bot was throwing up Cowin app details upon entry of phone numbers. The data being accessed by bot from a threat actor database, which seems to hv been populated wth previously stolen data stolen in the past.It does not appear that Cowin app or database has been directly breached,” Chandrasekhar said in a tweet.
The ministry of family health and welfare also asserted that CoWin remained safe and that there had been no breaches.
ADVERTISEMENT
“The development team of COWIN has confirmed that there are no public APIs where data can be pulled without an OTP. In addition to the above, there are some APIs which have been shared with third parties such as ICMR for sharing data. It is reported that one such API has a feature of sharing the data by calling using just a mobile number of Aadhaar. However, even this API is very specific and the requests are only accepted from a trusted API which has been white-listed by the Co-WIN application,” the health ministry said in a statement.Telegram claimed that the bot was removed on Monday morning. "Telegram's moderators routinely remove private data published without consent – as was the case with this bot," it said in an email.
Download
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
Download
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
Related Articles
Cockroach Janta Party gambit a part of 'cross-border' influence operation, says Keralam BJP Chief Rajeev Chandrasekhar2026-05-23T06:29:43Z- BJP has two MLAs from Kerala: Party state president Rajeev Chandrasekhar2026-05-04T10:24:41Z
- 2026 polls last three-front contest in Kerala: BJP leader Rajeev Chandrasekhar2026-04-10T10:09:27Z
ADVERTISEMENT
