CoWin Data: Who Leaked It?

The twitter world went on overdrive over a tweet by Trinamool Congress national spokesperson Saket Gokhale over the CoWin data leak. He tweeted: “a major data breach of Modi Govt where personal details of all vaccinated Indians including their mobile nos., Aadhaar numbers, Passport numbers, voters ID have been leaked and are freely available.” Some of the people whose data were leaked are: Dy Chairman Rajya Sabha Haribansh Narayan Singh; TMC leaders Derek O’ Brien, Sushmita Dev; Congress leaders P Chidambaram, Jairam Ramesh, Ahishek Manu Singhvi KC Venugopal and couple of TV journalists. So where does the blame lie? Clearly, during Pandemic anybody who travelled had to give a vaccine certificate. Besides, self-attested copies of Aadhaar/Passport/Pan cards are given by all of us for various purposes – banks, insurance companies, CAs etc. So the leak can be from anywhere. From the government side, union minister Rajeev Chandrasekhar immediately tweeted: “With ref to some Alleged Cowin data breaches reported on social media, @IndianCERT has immdtly responded n reviewed this (sic). A Telegram Bot was throwing up Cowin app details upon entry of phone numbers. The data being accessed by bot from a threat actor data, which seems to hv been populated wth previously stolen data in the past. It does not appear that Cowin app or database has been directly breached.“