This Article is From Dec 08, 2023

No Bulk Data Download From Co-WIN: Centre On Data Breach Allegations

The CoWIN portal is the repository of all data of people who have been vaccinated against COVID-19.

No Bulk Data Download From Co-WIN: Centre On Data Breach Allegations
New Delhi:

Investigations into the reported data breach on the CoWIN portal have ascertained that there was no bulk data download from its beneficiary database, Union Minister for State for Health S P Singh Baghel told the Lok Sabha on Friday.

The CoWIN portal of the Union health ministry already has adequate security measures and safeguards for data privacy with Web Application Firewall (WAF), Anti-DDoS and SSL/TLS (regular vulnerability assessment) identity and access management, the minister said in a written reply in the Lower House.

The CoWIN portal is the repository of all data of people who have been vaccinated against COVID-19.

"There were media reports of apparent breach of CoWIN data of beneficiaries who have received Covid vaccination in the country. The matter was investigated and analysed by CERT-In under the Ministry of Electronics and Information Technology and it was ascertained that there was no bulk data download from Co-WIN beneficiary database," Baghel said.

In view of media reports on CoWIN data breach, additional steps have been taken to strengthen data safety on the portal, he said.

A two-factor authentication feature (password and OTP) for login by users has been put in place on the CoWIN portal and all log trails of users are captured and stored securely in its database, he said.

Password reset has been done for all service providers registered on CoWIN. The CoWIN security audit has been completed and it would be undertaken on a regular basis (every quarter), Baghel said. 

(Except for the headline, this story has not been edited by NDTV staff and is published from a syndicated feed.)

.