CoWIN data "breach": investigation focuses on possible breaches from 11 states

CoWIN data was not compromised, according to representatives from the Indian Computer Emergency Response Team (CERT-In) who spoke to a parliamentary hearing on Thursday.

The parliamentary committee on communication and IT met on Thursday to talk about the privacy and security of citizen data.

The Ministry of Electronics and Information Technology (MeiTY) officials testified before the parliamentary standing committee and stated that they were looking into the matter.

The committee was informed by the officials that the information stolen by bots was compiled from a number of sources.

CoWIN was a portal that was impenetrable "government representatives stated.

The secretary, a second secretary, and three other officials, including scientists from the MeiTY, were present at the meeting.

According to a legislator quoted in a report by ANI, "government authorities defended the CoWIN portal by claiming it operated on a one-time password (OTP) system."

"They refused to explain how hospital names and passport and immunisation records were made public online by bots, "added he.

The health ministry had previously rejected the allegations of a data breach from the CoWIN portal, calling the claims "baseless" and "mischievous in nature." "The Health Ministry's CoWIN portal has sufficient privacy protections and is totally secure. The CoWIN site also features a number of security precautions. Only OTP-based authentication is offered for data access. To maintain the security of the data in the CoWIN portal, every precaution has been taken and is being taken "a press statement stated.