'CoWIN app or database not appear to have been directly breached'

NEW DELHI: Amid reports of an alleged breach of data on the CoWIN platform, Union Minister Rajeev Chandrasekhar on Monday asserted that it does not appear that the CoWIN app or database has been directly breached, and added that Indian Computer Emergency Response Team (CERT-In) immediately responded and reviewed the matter.

The Minister of State for IT further said the National Data Governance policy has been finalised that will create a common framework of data storage, access and security standards in the country.

''With reference to some alleged Cowin data breaches reported on social media, @IndianCERT has immediately responded and reviewed this,'' Chandrasekhar tweeted. A Telegram Bot was throwing up Cowin app details upon entry of phone numbers, he said.

With ref to some Alleged Cowin data breaches reported on social media, @IndianCERT has immdtly responded n reviewed this

✅A Telegram Bot was throwing up Cowin app details upon entry of phone numbers

✅The data being accessed by bot from a threat actor database, which seems to…

— Rajeev Chandrasekhar (@Rajeev_GoI) June 12, 2023

''The data being accessed by bot from a threat actor database, which seems to have been populated with previously breached/stolen data stolen from past. It does not appear that Cowin app or database has been directly breached,'' the minister said clearing the air.

The clarification came after reports earlier in the day suggested CoWIN (Covid Vaccine Intelligence Network) data breach, which reportedly allowed access to certain personal information that an individual gave on the government's portal for vaccination.

According to reports and posts circulating on social media, information including a person's phone number, gender, ID card information, date of birth, last four digits of Aadhaar, as well as the name of the centre where the vaccine was received were also leaked on the channel.