Made public via CDN
Cyber security researcher Rajasekhar Rajhariya also tweeted that personally identifiable information (PIIs) including names and COVID-19 results have been made public through a CDN. He said that Google has indexed millions of data from the affected systems. The PII includes the name, MOB, PAN, address etc of COVID-19, RTPCR result and covin data and all these are being made public through a government CDN. Google has put about 9 lakh public/private government documents in the search engine.
The data was to be uploaded on the covin portal
An email query sent to the Ministry of Electronics and IT in this regard did not elicit any response. A sample document shared on the Raid forum shows that the leaked data was meant to be uploaded on the CoWin portal. The government has relied heavily on digital technologies in terms of creating awareness about the COVID-19 pandemic and its vaccination programme. Many government departments compel people to use the Aarogya Setu app for COVID-19 related services and information.
The government denied the news of the leak
On this matter, the government said that many media reports have claimed that the data stored in the CoWin portal has been leaked online. It is clarified that no data has been leaked from the Covin Portal and the entire data of the people is safe on this digital platform. The Union Ministry of Health and Family Welfare will investigate this news. Prima facie this claim is not correct as Covin neither collects the address of an individual nor does the RT-PCR test result.
At the same time, the Ministry of Health and Family Welfare said that in connection with the data leak from CoWin, we are getting the matter investigated. However, prima facie it seems that the alleged data leak is not related to CoWin as we neither collect any information about the COVID-19 status of the beneficiaries nor the address.
Post a Comment