Aarogya Setu team contacts hacker claiming security risk in India's flagship Covid app

The Centre on Wednesday has issued a statement regarding data security of the Aarogya Setu App after a French hacker Robert Baptiste, who goes by Elliot Alderson on Twitter, claimed that there are security issues with the government’s flagship Covid contact tracing platform. In its statement, Aarogya Setu Team assured the citizens that no security or data breach has been identified, and thanked the 'Ethical hacker'.

'No data or security breach has been identified'

"No personal information of any user has been proven to be at risk by this ethical hacker. We are continuously testing and upgrading our systems. Team Aarogya Setu assures everyone that no data or security breach has been identified," the statement reads, adding technical details.

It added, "We thank this ethical hacker on engaging with us. We identify any users who identify a vulnerability to inform us immediately at support.aarogyasetu@gov.in. Your continuous support will help us keep the App even more secure."

The statement also included a detailed clarification on the points of the 'app fetching user locations on a few occasions' and 'User can get the COVID-19 stats displayed on Home Screen by changing the radius and latitude-longitude using a script'. The hacker raised his concerns on these points during the conversation with the Aarogya Setu Team. 

'Sophisticated surveillance system'

The hacker on Tuesday claimed that a security issue has been found in the app and added that Congress leader Rahul Gandhi 'was right' about the app. A few days ago, Rahul Gandhi had claimed that the Aarogya Setu mobile application, designed to help users to identify whether they are at risk of the COVID-19 infection and provides people with important information, including ways to avoid coronavirus and its symptoms, is a "sophisticated surveillance system". The hacker went on to claim that the lapse may have been by design.

READ | Indian Navy launches 'Operation Samudra Setu' to repatriate Indians from Maldives

READ | MHA issues SOP for evacuation of Indian nationals stranded abroad, priority to distressed

Technology can help keep people safe, but fear must not be used to track citizens without their consent, the Congress chief had said.

Aarogya Setu was launched by the Indian government on April 2 as the official app to help with contact tracing efforts. The app has been promoted by Prime Minister Narendra Modi and other BJP leaders and has been downloaded over 9 crore times already. The Centre has recently made the app mandatory for individuals in containment zones for COVID-19, and for all government officials.

READ | BJP slams Rahul Gandhi over praise for Pulitzer Prize winners, objects citation on Kashmir

READ | COVID-19: From zero, India now produces around 2 lakh PPE kits per day