wordpress blog stats
Connect with us

Hi, what are you looking for?

Vaccination details of 1.5 crore Tamil Nadu citizens published online “accidentally”, says government official

Although the list was removed from the website, it is possible that by that time copies of the list were already made.

A list containing details of nearly 1.5 crore partially-vaccinated individuals in Tamil Nadu had been uploaded to the State’s Department of Public Health and Preventive Medicine’s (DPHPM) website, it emerged over the weekend. The list contained details such as the names, vaccination dates, beneficiary ID, etc of individuals, organised by their districts, according to an archived version of the list viewed by MediaNama.

A master list was uploaded onto the DPHPM’s website which further linked out to sheets containing district-wise details. T.S. Selvavinayagam, Director of the DPHPM told MediaNama that the list was uploaded accidentally and was part of the department’s internal initiative to help officials conduct outreach among those overdue the second dose of their Covid-19 vaccination.

The list was removed from the website on May 6th after a public outcry online, however, it is possible that by that time copies of the list were already made. Further, CS Akshay, an independent security researcher, told MediaNama, that data in the district-wise lists was still accessible to the public.

The publication of such details raises concerns about the privacy and autonomy of unvaccinated individuals in the State.

Details of the document the Tamil Nadu government uploaded

  • The document was uploaded and displayed on the DPHPM website’s homepage as ‘District wise/ Block wise list of beneficiaries eligible for 2nd dose yet to be vaccinated’
  • The master list, a Google Sheets document, links out to 46 district-wise organised Google Sheets of all partially vaccinated individuals in the State.
  • The district-wise lists further the district, block, session site ID and name, beneficiary name, 14-digit beneficiary reference ID, type of COVID-19 vaccination centre, vaccine name, the date of the first dose and the number of days a beneficiary was overdue for the second dose.
  • The aforementioned data may also have been published for child beneficiaries, as data for Corbevax recipients were also in the lists. Corbevax has only been cleared for children.
  • It is not clear how long the data was public, although according to metadata on the file, it was created on 25th April. However, Selvavinayagam said the data may not have been public throughout the intervening time as his department had also been collating the data into the sheets for 7-10 days.

A recap of several pandemic-related data breaches

The Covid-19 pandemic has led to many such leaks or breaches of personal data. In early 2020, shortly after the pandemic began, data was similarly leaked and circulated of citizens who had recently travelled abroad or had contracted Covid-19.  Below are a few instances of the same:

March 2020:

  • A government database of individuals mandated to home quarantine in Gurugram was reportedly leaked.
  • The same month, personal information of 722 residents of New Delhi- who had been mandated home quarantine- including phone numbers, full address, and passport numbers, were circulated on WhatsApp.
  • A list of 15,000 individuals, with their addresses and phone number, mandated home quarantine was uploaded by Karnataka’s Health Department on Twitter.

May 2020: Names, phone, and location details of at least 5,400 people put under quarantine and tracked by Madhya Pradesh’s Sarthak app, used to track people required to quarantine were reportedly leaked.

Also Read:

Have something to add? Post your comment and gift someone a MediaNama subscription.

Written By

I cover health technology for MediaNama but, really, love all things tech policy. Always willing to chat with a reader! Reach me at anushka@medianama.com

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Due to the scale of regulatory and technical challenges, transparency reporting under the IT Rules has gotten off to a rocky start.


Here are possible reasons why Indians are not generating significant IAP revenues despite our download share crossing 30%.


This article addresses the legal and practical ambiguities in understanding the complex crypto ecosystem in India.


It is widely argued that the PDP Bill report seeks to discard the intermediary status of social media platforms but that may not be...


Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ