On June 10, DarkTracer, a criminal intelligence profiling platform, posted a tweet saying that a hacker group that goes by the name “Dark Leak Market” has allegedly leaked the CoWIN Portal database on the dark web. They shared a screenshot of the post in which the hackers claimed to be reselling the database for $800. They also claimed that they are not the “original leakers” of the data. In the tweet, DarkTracker said that the hackers posted the information of about 150 million vaccinated people.
[ALERT] Dark Leak Market on the DarkWeb has posted a post selling information of 150 Million COVID19 Vaccinated People of India. pic.twitter.com/32Chmcao9W
— DarkTracer : DarkWeb Criminal Intelligence (@darktracer_int) June 10, 2021
In the screenshot, the alleged hacking group claims that they have details like name, mobile number, Aadhaar ID, GPS location state etc of the vaccinated people from the CoWIN portal. They have added they are the only reseller of the data, and they have not leaked the same.
Experts rubbished the claims
Internet Security Researcher Rajshekhar Rajaharia, however, rubbished the claims. He said that the alleged hacking group is trying to make money by selling fake data in the name of leaked data from the CoWIN portal. In a tweet thread, Rajshekhar said, “Cowin Portal not hacked!! Some Fake #DarkwebLeakMarket are claiming to sell data of 150 Million COVID19 Vaccinated People of India. It’s completely fake. It’s a Bitcoin Scam. Don’t Trust. Check Screenshots. They are listing fake leaks.”
This market is frequently posting fake data leaks and scamming people. They are just taking Bitcoin for nothing. Data Sample also not available anywhere.#InfoSec #DataLeak https://t.co/kczBywifcJ
— Rajshekhar Rajaharia (@rajaharia) June 10, 2021
He further added that the said market is known for posting fake data leaks and scamming people. “They are just taking Bitcoin for nothing. Data Sample also not available anywhere.”
OpIndia contacted Rajshekhar to learn more about the claim and why there is nothing to fear. He said, “For someone unknown to such dubious claims, it can be an alarming situation. However, in reality, the hackers who claim to have access to the database are known for posting fake claims. There is nothing to fear, and the Cowin Portal is absolutely safe.”
Sanjeev Gupta, Secretary, ISCS, Home Ministry, GoI echoed with Rajshekhar’s explanation and said, “I trust Rajshekhar more and hence won’t get swayed by these Dark Tracer & other such handles. So, there has been no hack of #CowinPortal. There is just no need for panic. Will check with official sources as well, if need be.”
I trust @rajaharia more and hence won’t get swayed by these Dark Tracer & other such handles. So, there has been no hack of #CowinPortal. There is just no need for panic. Will check with official sources as well, if need be. https://t.co/m64i1Hs9Ns
— Sanjeev Gupta (@sanjg2k1) June 10, 2021
Sunny Nehra, Admin at Hacks And Security, said, “99% of the darknet forums, 99% of the posts we get on shady forums meant for data or tools are merely scams. People talk about the darknet everywhere, but they need to understand that least things are authentic there. It’s like you will get the ad of red rooms everywhere, but no one could ever prove that it exists… no proofs till date.”
Ministry denies the claim
Following the reports of alleged hacker group selling CoWIN data, the union health ministry issued a statement debunking the claims. The ministry said that prima facie the reports appear to be fake, however, the Union Health Ministry and the Empowered Group on Vaccine Administration (EGVAC) are getting the matter investigated by the Computer Emergency Response Team under the Ministry of Electronics and Information Technology.
“Our attention has been drawn towards the news circulating on social media about the alleged hacking of Co-WIN system. In this connection we wish to state that Co-WIN stores all the vaccination data in a safe and secure digital environment. No Co-WIN data is shared with any entity outside the Co-WIN environment. The data being claimed as having been leaked such as geo-location of beneficiaries, is not even collected at Co-WIN. The news prima facie appears to be fake. However, we have asked the Computer Emergency Response Team of MeitY to investigate the issue,” said Dr RS Sharma, the chairman of Co-WIN portal, said in the statement.
Union Health Minister Dr Harsh Vardhan also tweeted that the report of the CoWIN data leak is fake. He also informed that the portal does not even collect GPS location data of the beneficiaries, that the alleged hackers have claimed to be having with them from the ‘leak’. He added that all data on CoWIN is stored in a secure digital environment and is not shared with anyone outside of it.
