Two held over involvement in CoWIN data ‘leak’ case

New Delhi: A man from Bihar was arrested and his juvenile brother was apprehended in connection with the alleged data leak from the CoWIN portal, officials said on Thursday.

The man is alleged to have used Telegram application to leak the information, they said.

A police officer said the accused was nabbed from his residence in Patna with the help of technical surveillance. His mother, who works as a healthcare worker, is also being questioned.

He said the accused managed to steal the data of a few individuals from Bihar after logging into his mother’s account in the CoWin portal.

Preliminary investigation has revealed that the accused hacked the system, created a bot and shared it on social media. It has also emerged that he has not sold the data to anyone, police said.

The official noted that the accused did not have any ulterior motive in doing so. It is suspected he took the assistance of his mother which is why she is also being questioned.

There have been claims about the breach of data of citizens registered on the CoWIN platform, and opposition parties have asked the government to take deterrent action.

The government has, however, termed such reports “mischievous” and “without any basis” while asserting that the CoWIN portal is completely safe with adequate safeguards for data privacy.

The matter was sent for a review by the country’s nodal cyber security agency CERT-In, which said in its initial report, that the backend database for the Telegram bot, which is at the centre of the alleged leak, was not directly accessing the APIs of the CoWIN database.

In a statement, the Union health ministry said an internal exercise had been initiated to review the existing security measures.

CoWIN portal is a repository of data of all those who have been vaccinated against coronavirus in the country.