Wednesday, January 20, 10:15
Home security COVID-19 Tracking Tool reports data from millions of users

COVID-19 Tracking Tool reports data from millions of users

A tool which monitors the spread of COVID-19, which was built by its state government Uttar Pradesh, personally reported data about 8 million Indian citizens.


Η VPNmentor conducted a study on this COVID-19 monitoring tool, named Surveillance Platform Uttar Pradesh COVID-19 and found that it was violated on August 1, which led to leakage data.

The researchers found that there were several vulnerabilities that could jeopardize the platform virus monitoring. However, what ultimately led to the breach was the lack of security measures.

VPNmentor researchers note that the Uttar Pradesh regional government developed the tool as part of a large-scale mapping project. Its primary purpose was to detect and detect coronavirus patients throughout India and the lack of "data security protocols left access to the platform open", revealing the data of millions in India.

Investigators they claim that the COVID-19 detection tool contained many vulnerabilities, which exposed users' personal data. Exposed data includes the full names, gender, age, home address and contact numbers of all people who have tried the tool.

The data was secured one month after the violation was discovered. According to VPNMentor analysts, Ran Locar and Noam Rotem, the first vulnerability was found in an unsecured and unencrypted git repository, which included usernames, administrator accounts, and passwords stored on the platform.

Based on this discovery, the researchers found an exhibit Web Index, which contained a list of CSV file directories. It contained information on all known COVID-19 cases in the UP and other locations in India.

Sensitive private data, including the full name, telephone numbers, addresses and test results of some 8 million citizens, was part of the list. The list also contained information about foreign residents and health care workers and was not password protected.

There is no evidence that any malicious agent used the exposed data for fraud, but researchers believe that the impact of vulnerabilities on the monitoring tool could be widespread.


Please enter your comment!
Please enter your name here

Absent Mia
Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement


Trump: US cloud providers will file foreign customers

The most controversial president of the United States, Donald Trump, signed an executive order shortly before his departure, which obliges the ...

Tesla: Seeks man to help Musk handle Twitter complaints

It has been reported that Tesla no longer has a public relations department to handle questions from journalists. It seems, however, that it is necessary ...

Chinese team hacking behind theft of passenger data

In recent years, a Chinese hacking team is believed to be behind dozens of attacks on airlines in order to ...

The creator of PUBG is planning an IPO worth $ 27,2 billion! Ο δημιουργός του PUBG, Kim Chang-han, σχεδιάζει IPO (Αρχική Δημόσια Προσφορά ή εισαγωγή στο χρηματιστήριο) η...

Slack: How to turn off automatic conversion to Emoji

Emoji are everywhere now. In many applications - such as Slack - you can not type a simple emoticon based on ...

Malware FreakOut: Infects "Linux hosts" that run vulnerable software

An active malicious campaign is currently targeting critical Linux devices running software. Its purpose is to infect ...

Facebook Messenger vs WhatsApp: Which is worse for privacy?

In recent days, WhatsApp has been at the center of discussions, due to issues that have arisen regarding the privacy of ...

Apple sued! They want to remove Telegram from the App Store

Although Telegram has become very popular in the world in recent days, it also receives a lot of negative reviews. A former ambassador of ...

VLC for macOS has been updated with full support for M1 Macs

VLC is one of the most popular media players and the macOS version is currently receiving a major update with full ...

Google Maps adds precise details to 4 city roadmaps

The Google Maps app received an update in August last year, which added more color to the physical maps to ...