Telegram Bot Leaks Personal Info Shared on CoWIN: It’s A Wake-Up Call, Says Expert

0
36
Telegram Bot Leaks Personal Info Shared on CoWIN: It’s A Wake-Up Call, Says Expert


The authorities had denied the claims of a CoWIN information breach in 2021. (File for illustration)

News18 couldn’t independently confirm the claims and has reached out to the MiETY and CERT-In. Reports, nonetheless, identified that this might have occurred as a result of a safety breach associated to the CoWIN portal the place all these particulars had been obtainable

Personal info of Indians, together with their Aadhaar and passport particulars, telephone quantity, date of delivery and gender, had been obtainable on the Telegram app for a quick time period, in keeping with latest experiences and social media posts, which pointed at a safety breach associated to the CoWIN portal the place all these particulars had been obtainable.

It was discovered that if a telephone quantity was given to a messenger bot, it delivered all of this info, together with the situation the place the Covid vaccination was administered. Apparently, the bot turned inactive this morning. As per the experiences and screenshots shared on social media, the record of the favored personalities whose information has been leaked embrace Meenakshi Lekhi, P Chidambaram, Ok C Venugopal, Veena George, Jairam Ramesh, Kalvakuntla Taraka Rama Rao aka KTR, Ok Annamalai and Harsh Vardhan.

News18 couldn’t independently confirm the claims and has reached out to the Ministry of Electronics and Information Technology (MeitY) in addition to Indian Computer Emergency Response Team (CERT-In) for additional understanding.

Supreme Court lawyer and cybersecurity skilled, Dr Pavan Duggal known as this incident a “wake-up call”. “The information that has come out in the public domain has question marks because such details would otherwise not be available in this format. Prima facie, it looks like some kind of data breach.”

“If this kind of data is generated, it obviously shows connection to the CoWIN database. But only a proper criminal investigation would reveal whether there was a data breach targeting critical infrastructure or not and CERT-In can also do a cybersecurity analysis,” he mentioned.

WHAT HAPPENED IN 2021?

In 2021, when experiences claimed that there was a potential Cowin information breach, the federal government had denied the claims.

RS Sharma, CEO of the National Health Authority, had vouched for the CoWIN portal, stating it has state-of-the-art safety infrastructure and has by no means confronted a safety breach.

“Data of our citizens on CoWIN is absolutely #safe and #secure. Any news about data leaks from CoWIN holds no merit,” he tweeted.

ABSOLUTE SECURITY A MYTH

Dr Duggal, nonetheless, mentioned that absolute safety doesn’t exist and what was secured yesterday might not be secured right now or tomorrow. “If any entity says we are 100% safe, that is not accurate. But we have to find the loopholes which could potentially be misused by cybercriminals,” he added.

According to the cyber skilled, solely an investigation can inform whether or not the newest findings are the results of a brand new hack or a 2021 information breach, however it is a severe case. “This data, which includes all sorts of personal details, can be used to conduct targeted attacks by other cybercriminals,” he mentioned.



Source hyperlink