- India’s most populous state, Uttar Pradesh’s internal COVID-19 platform had multiple bugs that exposed citizens’ data.
- A team of security researchers found that the state‘s internal coronavirus monitoring portal, Surveillance Platform Uttar Pradesh Covid-19, had many bugs:
- Firstly, the git where the platform’s code was stored was unsecured and contained visible login credentials of admin account. This means attached could log into the platform and see all private data
- On top of this, most generated passwords were just four digits and many admin accounts also shared the same logins.
- Researchers also found a link to database of testing data of 8M people from many other regions of India as the platform is integrated with data acquired by India’s central government.
(The Next Web)