HomeNewsA security flaw in Docket leaked COVID-19 vaccine records of several users

A security flaw in Docket leaked COVID-19 vaccine records of several users


We independently research, test, review, and recommend the best products—learn more about our process. If you buy something through our links, we may earn a commission. learn more

Last Updated on 22/11/2021 by Riya

A security flaw in the health application Docket disclosed the personal data of citizens of Utah and New Jersey who had been immunized against COVID-19. Docket obtains immunization data from their state’s health department to allow users to view and keep digital proof of their vaccinations.

The data on the digital copy is identical to the data available on the print COVID-19 card, however, it is electronically verified by the state to prevent fraud. This electronic vaccine passport will let individuals display their immunization history or a scannable QR code to attend events and visit restaurants, and nations where displaying a vaccine passport is compulsory.

For a limited period, the app permitted anybody to view the QR codes and private vaccination data of immunized users including Name, birth date, and data regarding a person’s COVID-19 vaccination. The Docket’s servers were not verifying if the user seeking a QR code was authorized to do so.

This could be a huge security flaw that allows hackers to access users’ immunization details. The security flaw came to light after TechCrunch identified it and promptly alerted the firm. After which the company rectified the flaw a few hours later.

Riya is a technology enthusiast and an avid researcher. She writes about consumer tech, hacking, and technology consumer issues at TheDigitalHacker.
- Advertisment -

Must Read

Data Science Drives Personalized Marketing and Customer Engagement to New Heights...

Personalized marketing and customer engagement are crucial for businesses to thrive in the current digital era. Because data science makes it possible for marketers...