Cyber fraud, impersonation is possible when CoWIN portal leaks personal data

Hacking | Hacker | (Photo - Istockphoto/towfiqu ahamed)
Representational image. Photo: Istockphoto/towfiqu ahamed

What happens when your personal information is leaked? Let's examine.

Cyber frauds

The details, such as the individual's name, Aadhaar/Passport/PAN card numbers, date of birth, names of relatives and their details, could be used for committing social engineering frauds.

For instance, fraudsters, feigning to be from official agencies, could contact us over the phone and provide these details to win our confidence. We might even follow their instructions.


Fraudsters/marketing firms could use the phone number(s) we have provided. Those who would travel abroad normally give their passport number to get an international CoWIN certificate. Once the data is leaked, marketing firms could identify and contact possible travellers within a specific group (target audience), say, those in the 30-40 age group.

Fake documents

Fraudsters could forge documents using the leaked data and information sourced from the individual's social media platforms. They could even impersonate the individual.


The individual's year/date of birth could be used for marketing purposes. For instance, a list of under-25 group could be created to formulate marketing strategies.

Family details

Several families have registered on the CoWIN portal using a single number. In such cases, the fraudsters get a clear picture of the entire family.

The comments posted here/below/in the given space are not on behalf of Onmanorama. The person posting the comment will be in sole ownership of its responsibility. According to the central government's IT rules, obscene or offensive statement made against a person, religion, community or nation is a punishable offense, and legal action would be taken against people who indulge in such activities.