 "Hackers don't have access to entire CoWIN portal or database: Researchers")
Cyber-security researchers on Tuesday said that hackers do not have access to the entire CoWIN portal nor the backend database, after a Telegram bot leaked Indians' data.
Based on matching fields from Telegram data and previously reported incidents affecting health workers, the team from cyber-security company CloudSEK said that the information was scraped through these compromised credentials and the claims need to be verified individually.
CloudSEK's contextual AI digital risk platform XVigil discovered a threat actor advertising a Telegram bot that offered personally identifiable information (PII) data of Indian citizens who had allegedly registered vaccines from the CoWIN portal."It is believed that the threat actors have obtained multiple credentials belonging to health workers, which they can use to access the CoWIN portal and its associated data," according to researchers.
On March 13, 2022, a threat actor on a Russian cybercrime forum advertised compromised access to the CoWIN portal, sharing a screenshot of the CoWIN database portal affecting the Tamil Nadu region.
"There are numerous healthcare worker credentials available on the Dark Web for the CoWIN portal, highlighting the need for better endpoint security measures for healthcare workers," the team highlighted.
The Union Ministry of Health and Family Welfare (MoHFW) on Monday dubbed the alleged data breach of Covid-19 vaccine beneficiaries as "mischievous in nature", saying that the CoWIN portal is completely safe with adequate safeguards for data privacy.
The Ministry also said that it has requested the Indian Computer Emergency Response Team (CERT-In) to look into this issue and submit a report, besides initiating an internal exercise to review the existing security measures of CoWIN.
According to cyber-security researchers, the Covid data bot was offered by a channel called 'hak4learn', which frequently shared hacking tutorials, resources, and bots for individuals to access and buy.
Initially, the bot was available for everyone to use, but it was later upgraded to be exclusive to subscribers.
"The bot is currently down and might come up later as mentioned by the admin of the channel," said CloudSEK.
Union Minister of State for Electronics and IT, Rajeev Chandrasekhar had said that it does not appear that the CoWIN app or database has been directly breached.
--IANS
na/ksk/
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Smart Quarterly
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app