Covid antigen test results of 1.7m Indian and foreign nationals leaked online

An Elasticsearch server belonging to a healthcare software provider in India is currently exposing the Covid antigen test results of Indians and foreign nationals who traveled to or from India in the last couple of years.

It is worth noting that these tests were taken through a rapid antigen kit known as Covi-Catch. Covi-Catch is an Indian Council of Medical Research (ICMR) approved self-testing kit for COVID-19.

This was confirmed by Anurag Sen, a prominent independent security researcher. What's worse, the server is still exposed and publicly accessible without any security authentication or password. The server has been exposed since July 2nd, 2022.

It all started when Anurag scanned for misconfigured databases on Shodan and noted a server exposing more than 23GB worth of data to public access. Anurag said that the server belongs to a company based in Gurgaon, Haryana, India, but we would not share the name of the company in this article because the server is still exposed.

What data is being exposed?

Anurag's analysis of the server revealed that the exposed records are actually Covid antigen test results, while the number of victims in the incident is over 1.7 million. These results comprise not only personal records but also medical records of travelers, including the following information:

  • Gender
  • Full names
  • Nationality
  • Date of birth
  • Full addresses
  • Phone numbers
  • Voter ID numbers
  • Covid test results
  • Aadhaar numbers
  • Passport numbers
  • Underlying medical conditions
  • Vaccine details (vaccine type, vaccine taken or not)

And much more…

The screenshot shows records of American, Canadian, and Indian citizens being exposed online (Image: via Anurag Sen)

No Response from the company

Anurag contacted the culprit company through the email address mentioned on their website. However, it has been over a week and there is no response from them. Amid this, the server is still exposed.

Although exposing sensitive data of unsuspecting users to cybercriminals is a blunder, not responding to researchers and not caring about the mess up is simply irresponsible.


It is yet unclear whether a third party accessed the database with malicious intent, such as ransomware gangs or threat actors. However, if it did, it would be devastating for the victim and the healthcare firm responsible for the server.

Furthermore, considering the extent and nature of the exposed data, the incident can have far-reaching implications, such as bad actors downloading the data, carrying out phishing scams, or identity theft-related fraud.

Hackers can hold the company’s server or data for ransom and leak it on cybercrime forums if their demands are not met. Nevertheless, the victims in this situation are travelers who trusted authorities with their personal information.
