Your Aadhaar & PAN Details Floating On Telegram? What To Know About Massive CoWIN Breach

A startling data breach report emerged on Monday, revealing that the personal details of Indian citizens, including Aadhaar and PAN card information, are available on the messaging platform, Telegram.

What Happened? Malayala Manorama, a popular Kerala-based daily revealed the data leak and linked it to the CoWIN portal, where people register their personal details for Covid vaccination.

The daily discovered that when they entered a mobile number registered with the CoWIN portal into a Telegram bot, it revealed the ID card number used for vaccination, the person’s gender, birth year, the name of the vaccination centre, and the number of doses they’ve received.

Benzinga India reached out to the National Health Authority and the Ministry of Electronics and Information Technology for comment, but there has been no statement at the time of writing.

Why should you be worried? The report suggests that the breach exposes Aadhaar card, voter ID, and PAN card numbers of Indian citizens to anyone using Telegram.

Further, all the details of individuals registered under the same phone number on the CoWIN portal were immediately accessible. Since many family members often register under a single phone number, the bot could disclose information about other family members as well.

On the CoWIN portal, such details are only available after entering a One Time Password (OTP) sent to the registered phone number. However, on the Telegram channel, the bot revealed these details without requiring an OTP.

After reports of the leak emerged, authorities promptly blocked the bot, making it no longer accessible on Telegram.

Read next: UPI-Related Frauds Dominate Digital Payments Landscape In India, Report Finds

Don't miss a beat on the share market. Get real-time updates on top stock movers and trading ideas on Benzinga India Telegram channel.

Posted In: AadhaarCoWINdata breachPAN Card