The team from CloudSEK stated that there are various healthcare worker credentials for the CoWIN site available on the dark web. This vulnerability, however, derives mostly from insufficient endpoint security protections deployed for healthcare personnel