The Ministry of Health on Friday rejected the reports of data leak from Co-WIN portal and said “no data has leaked" from the state-owned site.
“There have been several media reports claiming that the data stored in Co-WIN portal has been leaked online…No data has leaked from Co-WIN portal and the entire data of residents is safe and secure on this digital platform," the ministry said in a statement.
While Union Ministry of Health will enquire into the substance of the news, prima facie the assertion is not correct, as Co-WIN collects neither the address of the person nor the RT-PCR test results for Covid vaccination, the statement further said.
This comes just hours after reports claimed that personal data of thousands of people in India had been leaked from a government server which included their name, mobile number, address and Covid test result.
According to PTI, the leaked data has been put on sale on Raid Forums website where a cyber criminal claims to have personal data of over 20,000 people.
The data put on Raid Forums shows name, age, gender, mobile number, address, date and result of Covid-19 report of these people, the report said.
Cyber Security researcher Rajshekhar Rajaharia also tweeted that personally identifiable information (PII) including name and Covid-19 results are made public through a content delivery network (CDN). He said that Google has indexed lakhs of data from the affected system.
"PII including Name, MOB, PAN, Address etc of #Covid19 #RTPCR results & #Cowin data getting public through a Govt CDN. #Google indexed almost 9 Lac public/private #GovtDocuments in search engines. Patient's data is now listed on #DarkWeb. Need fast deindex," Rajaharia said in his tweet.
(With inputs from PTI)
