'Incorrect and baseless': Health Ministry dismisses reports of CoWin data breach
The Health Ministry on Thursday refuted reports of CoWin data breach and called it "incorrect" and "baseless".
Refuting reports of CoWin data breach as "incorrect" and "baseless", the Ministry of Health on Thursday said that CoWin stores all the vaccination data in a safe and secure digital environment.
Reports surfaced on Thursday claiming that a hackers' group had accessed the database of about 150 million users registered on CoWin and that the data was up for sale.
The health ministry stated that the Computer Emergency Response Team of the Ministry of Electronics and Information Technology (MieIY) are investigating, adding, "No CoWin data is shared with any entity outside the CoWin environment."
"There have been some unfounded media reports of the CoWIN platform being hacked. Prima facie, these reports appear to be fake. However, the Union Health Ministry and the Empowered Group on Vaccine Administration (EGVAC) arc getting the matter investigated by the Computer Emergency Response Team of Ministry of Electronics and Information Technology (MielY)," the ministry said in an official statement.
Meanwhile, Dr RS Sharma, Chairman of the Empowered Group on Vaccine Administration (CoWin) has clarified that data being claimed as having been leaked, such as geo-location of beneficiaries, is not even collected at CoWin.
"Our attention has been drawn towards the news circulating on social media about the alleged hacking of the CoWin system. In this connection, we wish to state that CoWin stores all the vaccination data in a safe and secure digital environment. No CoWin data is shared with any entity outside the CoWin environment," he said.
CoWIN can't be hacked: Govt
In May, the Union Ministry had defended CoWin, saying that it cannot be hacked after it faced criticism about the vulnerability of the CoWIN platform, delay in getting vaccination slots and a digital divide that benefits a selected few.
In a press statement titled 'Busting myths of vaccination', the health ministry said CoWin cannot be hacked and its features of OTP (one time password) and captcha cannot be bypassed.
"We state this with absolute certainty that no breaches have been found till date. No scripts can bypass the OTP verification and CAPTCHA to automatically register an individual," it said.
It said registrations through CoWIN are helping prevent supers spreading events as it prevents overcrowding at vaccination centres.
READ: CoWIN adds feature allowing vaccination sessions to be rescheduled in case of shortage
ALSO READ: CoWIN unable to stop recently recovered people from taking shots despite govt's 3-month hiatus
ALSO READ: Want to cancel your COVID vaccination appointment on CoWin? Here's a step-by-step guide