There are some media reports claiming breach of data of beneficiaries who have received COVID vaccination in the country, on some social media platforms. These reports allege breach of data from the Co-WIN portal of the Union health Ministry, which is repository of all data of beneficiaries who have been vaccinated against COVID19. Certain posts on the social media platform Twitter have claimed using a Telegram (online messenger application) BOT, the personal data of individuals who have been vaccinated is being accessed. It is reported that the BOT has been able to pull individual data by simply passing the mobile number or Aadhaar number of a beneficiary.
It is clarified that all such reports are without any basis and mischievous in nature. Co-WIN portal of Health Ministry is completely safe with adequate safeguards for data privacy. Furthermore, security measures are in place on Co-WIN portal, with Web Application Firewall, Anti-DDoS, SSL/TLS, regular vulnerability assessment, Identity & Access Management etc. Only OTP authentication-based access of data is provided. All steps have been taken and are being taken to ensure security of the data in the CoWIN portal. COWIN was developed and is owned & managed by MoHFW. An Empowered Group on Vaccine Administration (EGVAC) was formed for steering the development of COWIN and for deciding on policy issues. Former CEO National Health Authority (NHA), chaired EGVAC which also included members from MoHFW and MeitY.
