The hacker behind the CoWIN data leak has come forward and claimed responsibility for the recent breach related to the platform, which is used for Covid-19 vaccination registration. In an exclusive interaction with India Today, the hacker explained that he did not breach the CoWIN platform itself, but instead found vulnerabilities in an associated platform. He did not name the platform. The hacker operated a Telegram chatbot that generated personal details of vaccinated individuals, and they accessed this information through the vulnerabilities in the other platform.
Earlier reports suggested that the entire CoWIN data had been hacked and leaked on Telegram. The screen grabs of leaked data included personal information such as names, mobile numbers, Aadhaar card details, PAN card details, date of birth, and vaccination center information. In some instances, even the passport details were leaked.
It was accessible to anyone who joined a specific Telegram group and entered the target’s mobile number or Aadhaar number.
To verify the hacker’s legitimacy, India Today asked them to post a specific message in the Telegram group used to query the leaked data. After the hacker posted and later deleted the message, their credentials were established. The hacker admitted that the results generated by the Telegram chatbot were accessed through a vulnerability in another platform associated with the Health Ministry, which focuses on child health.
By accessing this platform, the hacker was able to retrieve the details of Auxiliary Nurse Midwives (ANMs) and subsequently fetch the same data by running a query via Telegram.
Contrary to the previous reports, the hacker clarified that there was no mass dump of CoWIN data available. However, the vulnerability allowed individuals’ data to be retrieved if their phone numbers or Aadhaar numbers were accessible. The hacker claimed not to have earned any money from the data.