According to media reports, the bot has been allegedly giving away details like date of birth, phone number, Aadhar details, PAN number, and even passport details, among others and the same can be accessed by anyone.
After reports emerged that data and personal information of citizens who registered on the CoWIN app for Covid-19 vaccination, are allegedly now available freely on Telegram app, the Indian Government's Ministry of Electronics and Information Technology official has said that it is 'old data'.
“It is old data, we are still verifying it; we have sought a report regarding the same", a person familiar with the development in Ministry of Electronics and Information Technology said.
According to media reports, the bot has been allegedly giving away details like date of birth, phone number, Aadhar details, PAN number, and even passport details, among others and the same can be accessed by anyone.
The information can be easily fetched by entering the phone number or Aadhar number of an individual.
A tweet by All India Trinamool Congress spokesperson Saket Gokhale earlier in the day revealed that the details of Rajya Sabha MP and TMC leader Dered O'Brien, former Union Minister P Chidambaram, Congress leaders Jairam Ramesh and K C Venugopal, journalists Rajdeep Sardesai (India Today) and Barkha Dutt (Mojo Story), were among those that were leaked in a similar way.
Congress MP Karti Chidamabaram, who alleged that his personal data was also leaked, demanded answers from Union Information Technology minister Ashwini Vaishnaw.
Accusing the government of ignoring privacy issues, he tweeted, “In its 'Digital India' frenzy, Government of India has woefully ignored citizen privacy. Personal data of every single Indian who got COVID-19 vaccination is publicly available. Including my own data. Who let this happen? Why is Government of India sitting on a data protection law?”
The CoWIN portal was extensively used during the Covid-19 vaccination drive wherein most Indians had registered on the portal using their phone numbers. On CoWIN app, the details of registered users are only visible after entering a one-time password (OTP). In contrast, using the Telegram bot, details could be acessed without the use of an OTP.
The authorities are yet to issue an official satement on the alleged massive data breach.