CoWin website, which is almost clicked by every smart phone user in India, is hacked by Dark Leak Market. A screenshot advertising a data of 150 million COVID-19 vaccinated people from India with their name, Mobile Number, GPS (exact location), Aadhaar ID, etc.
The data leakers also stated that they are just resellers. We can consider this as the original hackers are yet to be found. Dark Tracker, a dark web criminal intelligence, has tweeted today that the reseller is offering a 150 million people’s data for $800.
On so many questions being raised earlier about the website efficacy and security, the union health minister said that the CoWin website has all the security to protect public’s data and the website is the safest in the country. The union health minister also said that no one can pass through the website to loot the data as OneTime Password and CAPTCHA are tough to pass.
Earlier, users also complained against the website that there are a lot of glitches while registering for the vaccine and sometimes they could not even login to the website. Public are also facing so many issues from the website regarding slot allocation for the vaccination. Many complained that, after getting registered for the first dose of vaccination, they cannot book the slots for their first jab and vaccination centre is being allotted.
People could not find the difference in between registering for the vaccine and booking the slot for vaccine again. People found it silly as they can register for the vaccine but not able to find the slots after waiting for months.
The security for the data in the website is now being questioned as only 10% of the total population in the country are vaccinated with the first dose and many more to be registered. On being misused of the registration codes, the union health minister also announced that there will a four-digit passcode for individual which is secured for vaccination and the same code will be used for two dose vaccinations.
On being every passcode, every registration number leaked, the proper allocation of the second dose of vaccine is questionable.
The officials are yet to comment on the data leak.
[Update 10-06-2021, 23:07]: The officials deny CoWin data breach that can affect 150 million people in the country, proper investigation has yet to be done.