The government on Wednesday pulled up its own third party company, hired for the Aarogya Setu App, which published a 'malicious article' about the App.
The Ministry of Electronics and Information Technology (MeitY) noticed that the company -- Security Brigade -- had published an article making various malicious, nefarious and unsubstantiated claims on security issues in Aarogya Setu App.
Security Brigade, is an agency, empanelled by the Indian Computer Emergency Response Team (CERT-In) under the MeitY and it was one of the reviewers of Aarogya Setu code and confidential information relating to the code was shared with the firm.
According to government sources, the agency was given access as an internal review arrangement, but it misused the information shared with it.
When asked about what actions the government can take now, a MeitY official said, "The unethical person has deleted the post and it's no longer available. We are investigating the same and will give details soon."
Security Brigade on its own platform 'ShadowMap' had published a 10 page blog detailing how it was managing Aarogya Setu App.
Titled 'Inside Aarogya Setu: How we got access into the world's fastest growing mobile application', it wrote a story about how ShadowMap discovered the source-code for the complete Aarogya Setu platform including its back-end infrastructure being exposed on the public Internet.
The government is expected to take stern action against the company now.