Connect with us

Research & Opinion

Indian Health Ministry Shuts Down Data Breach Claims, Ensures Co-WIN Portal's Fortified Security

Research & Opinion Trending

From WazirX Hack to Crypto Security: What Experts Say About the $230 Million Theft

Research & Opinion

Unveiling the Power of Generative AI: Transforming Creativity and Innovation

Cyber Crime Research & Opinion

I Got Scammed, How Do I Get My Money Back?

Cyber Crime Research & Opinion

All You Need To Know About Digital Arrest: A Novel Cybercrime Trend

Cyber Crime Research & Opinion Trending

I4C, NSD Join Hands With MyGov To Raise Awareness on Cybercrime in Innovative Street Plays

Research & Opinion Tech Talk Trending

Innovative Cyber Investigation Tool to Win Prestigious 'सर्वश्रेष्ठ साइबर त्रिनेत्र' Award at Future Crime Summit 2024 - Nominate & Register

Cyber Crime Policy Watch Research & Opinion

India Faces Rising Threat of Spam Marketing: Protecting Consumer Rights

Research & Opinion Tech Talk Trending

Future Crime Summit 2024: Recognizing India's Cybersecurity Champions - Nominate & Register Now

Research & Opinion Tech Talk Trending

FutureCrime Summit 2024: Gathering Of India's Finest Speakers To Combat Digital Threats - Don't Miss the Biggest Cybersecurity Event of the Year

Research & Opinion

SCOPE Convention Centre, New Delhi To Host FutureCrime Summit 2024

Research & Opinion

Prof. Triveni Singh Unveils Revolutionary Cybercrime Management Framework at DSCI Event

Research & Opinion

FutureCrime Summit 2024: Nominations Open for Top Honors in Cybersecurity

Research & Opinion Trending

FutureCrime Summit 2024: Over 500 Participants Enroll Within 24 Hours of Registration Launch

Research & Opinion

Registrations are now OPEN for the “FutureCrime Summit 2024”. Register Now!

Research & Opinion

FCRF-RML National Law University Lucknow Webinar: Join Data Protection & Privacy Workshop By Top Experts

Research & Opinion Trending

India Ranks Third Globally in Governmental Requests for Content Removal from Google

Research & Opinion Tech Talk

FutureCrime Summit 2024: Most Innovative Confluence of Cyber Crime Fighters

Research & Opinion

Why Reinventing the Wheel in Cybersecurity is Crucial for National Security

Research & Opinion Tech Talk Trending

23 Milestones of India’s IT Act @ 23

Research & Opinion Tech Talk Trending

Card Swiping Secrets Unveiled: How VISA, Mastercard, and Amex Make Money Moves

Research & Opinion Trending

Cyber Battlegrounds: FCRF Unveils India's Top 10 Cybercrime Hotspots & Vulnerable Districts

Cyber Crime Research & Opinion Trending

FCRF Report: India Battling Cyber Threats with Online Financial Fraud Dominating at 77.41%

Research & Opinion

SEBI Issues New Cyber Security Guidelines to Protect Securities Market from Cyber Attacks

Research & Opinion

New Age Transaction Monitoring Signals for Banks || Rented Accounts

Research & Opinion

Digital Forensics: India’s Roadmap for the Next Decade

Research & Opinion Trending

Cybercrime's Hidden Web: 120,000 Computers Infected by Stealthy Malware Network

Research & Opinion

World Social Media Day - From Empowerment to Harassment: The Bitter Reality of Online Spaces for Indian Women

Research & Opinion

Top 23 Most Lethal Ransomware Groups In The World – Tactics, Victims & Operations Details Inside

Research & Opinion

Breaking The Spam Cycle TRAI's AI Solution To Combat Unwanted Messages

Research & Opinion

Google's Secret Manipulation: Research Psychologist Exposes Biased Algorithms and Election Influence

Research & Opinion

How To Protect Your Devices, Like a Pro

Research & Opinion

Financial Cybercrime On The Rise: Cyber Criminals Use Fake SMS And Malicious Apps

Research & Opinion

Want To Become A Future Crime Researcher? Join The Future Crime Research Foundation

Research & Opinion

How To Not Take The Phishing Bait

Research & Opinion

Cyber Fraud In The Name Of ‘Work From Home’ Job Offer

Research & Opinion Trending

World Economic Forum 2023: What’s Cyber Pandemic? How Much Data Is Being Created Globally Every Minute?

Research & Opinion

Why We Need Global Rules To Crack Down On Cybercrime: World Economic Forum Warms Up To The Idea Of Online Security

Cyber Crime Research & Opinion Trending

Hybrid Work Models In India Increase Hacking Risks: Unregistered Devices A Potential Security Threat

Research & Opinion Tech Talk

Most Cyber Attacks on China, India in Govt Sector: CloudSEK Report

Research & Opinion

Every Cyber Attack Is A wake-up Call For The Nation

Research & Opinion Trending

Security Flaws In Atlassian Products Can Be Misused By Cyber Criminals Affecting Multiple Businesses

Research & Opinion Tech Talk

Future Crime Research Foundation And CMEE IIM Lucknow Webinar: Experts Come Together To Decipher Rising Financial Cybercrime And Prevention

Research & Opinion

Automated Fraud Detection in Android Apps — Financial, E-Commerce

Economic Fraud Research & Opinion

Exposing FRAUD4 Nexus With Bureaucrats, Vendors, OEMs, C-Suite Executives: Time To Audit The Big4(20)

Research & Opinion

All You Need To Know About Financial Cyber Crime Through Fake Message For Electricity Disconnection

Research & Opinion Tech Talk

How Hackers Break Passwords And How You Can Secure Them! Here Are Top Four Methods

Research & Opinion

Death Of The Whistleblower

Research & Opinion Tech Talk

All You Need To Know About Password and Authentication Best Practices

Research & Opinion

12 Typologies Of Crypto Scams To Watch Out For

Research & Opinion

The Less Talked About Immigration Scam

Research & Opinion

Fraudulent Quick Loan Apps & Chinese Directors Behind RBI's Crackdown Against 5 NBFCs

Research & Opinion

Future Crime Workshop: Know All About The Use Of Blockchain In Prevention Of Cybercrime

Research & Opinion

Future Crime Workshop: Demystify The Underground World Of Darkweb And How To Investigate Crime

Research & Opinion

Future Crime Workshop - Robust Policy And Investigation Key To Control Metaverse Crimes: Amit Dubey

Research & Opinion

Future Crime Workshop - Need Visionaries, Innovators To Control Metaverse In India: Alok Vijayant

Research & Opinion

Future Crime Workshop - No Physical Crime In Metaverse But Psychological Breakdown Imminent: Ex-IPS Sanjay Sahay

Research & Opinion

Indian Health Ministry Shuts Down Data Breach Claims, Ensures Co-WIN Portal’s Fortified Security

Published

1 year ago

on

NEW DELHI: In response to alleged data breaches related to India’s Cowin app, Rajeev Chandrasekhar, the Minister of State for Electronics and Information Technology (MEITY), has assured the public that the app and its database have not been directly breached. The breaches were reported on social media platforms, raising concerns about the security of personal information.

ALSO READ: Step By Step Guide: How To File Cybercrime Complaint Online In India

Investigations conducted by the Indian Computer Emergency Response Team (CERT-In) revealed that a Telegram Bot was responsible for displaying Cowin app details when phone numbers were entered. However, the data accessed by the bot seems to have originated from a threat actor database. This database appears to have been populated with previously breached or stolen data from the past.

https://twitter.com/Rajeev_GoI/status/1668206577021583362?t=2BFvNZb0G6_yMYbRWgGsmw&s=08

To address such security concerns, the Indian government has finalized the National Data Governance policy. This policy aims to establish a common framework for data storage, access, and security standards across all government entities. With this policy in place, the government aims to enhance the protection of sensitive information and prevent future data breaches.

Recent media reports alleging a breach of data from the Co-WIN portal of India’s Union Health Ministry have been dismissed as baseless and mischievous by the ministry. These reports suggested that personal data of individuals who have been vaccinated against COVID-19 could be accessed through a Telegram Bot. However, the ministry has clarified that the Co-WIN portal is completely safe, with robust safeguards in place to protect data privacy.

ALSO READ: Search All India Police Station Phone Numbers & Mail ID Through This Search Engine

The Co-WIN portal, developed and managed by the Ministry of Health and Family Welfare (MoHFW), incorporates various security measures such as a Web Application Firewall, Anti-DDoS protection, SSL/TLS encryption, regular vulnerability assessments, and Identity & Access Management protocols. Access to data on the portal is strictly based on One-Time Password (OTP) authentication, ensuring the confidentiality and security of individuals’ information.

The Co-WIN data access is structured at three levels. Firstly, vaccinated individuals can access their own data through the beneficiary dashboard by using their registered mobile number and undergoing OTP authentication. Secondly, authorized vaccinators can access personal-level data of vaccinated beneficiaries through authenticated login credentials. It’s important to note that every access to the Co-WIN system is recorded for accountability.

ALSO READ: Looking For Nodal Officers Of Banks, Telecoms, Social Media? Click The Link Here To Fetch Numbers – Details Inside

Thirdly, third-party applications with authorized access to Co-WIN APIs can only access personal-level data of vaccinated beneficiaries through beneficiary OTP authentication. The Co-WIN system does not allow sharing of vaccinated beneficiaries’ data with any Telegram Bot without OTP authentication. Additionally, the system only captures the Year of Birth (YOB) for adult vaccination, contrary to claims on social media suggesting that the BOT has access to Date of Birth (DOB) and address information, which is not captured.

The development team of Co-WIN has confirmed that there are no public APIs where data can be accessed without OTP authentication. While some APIs have been shared with trusted third parties like the Indian Council of Medical Research (ICMR) for data sharing, these APIs have specific features and can only be accessed by trusted white-listed applications.

ALSO READ: Victim Of A Cyber Attack? Now Dial 1930 & 155260 To Register Complaint And Get Your Money Back

In response to the allegations, the Union Health Ministry has requested the Indian Computer Emergency Response Team (CERT-In) to investigate the matter thoroughly and provide a detailed report. An internal review of the existing security measures of Co-WIN has also been initiated to ensure the continued protection of data.

In its initial report, CERT-In has highlighted that the backend database of the Telegram Bot did not directly access the Co-WIN database APIs, further affirming the security measures in place.

KEY HIGHLIGHTS

  • Rajeev Chandrasekhar, India’s Minister of State for Electronics and Information Technology, assures the public that the Cowin app and its database have not been directly breached.
  • The Indian government has finalized the National Data Governance policy to establish a common framework for data storage, access, and security standards across all government entities.
  • The Co-WIN portal of the Ministry of Health incorporates multiple security measures, including a Web Application Firewall, Anti-DDoS protection, SSL/TLS encryption, regular vulnerability assessments, and Identity & Access Management protocols.
  • Only OTP authentication-based access is provided on the Co-WIN portal to ensure data privacy and security.
  • The Ministry of Health has requested CERT-In to investigate the alleged data breaches and submit a detailed report.

Follow The420.in on

 Telegram | Facebook | Twitter | LinkedIn | Instagram | YouTube

Related Topics:
Continue Reading