Data breach: Data of 3 crore Indian Railways passengers being sold on dark web
Data of around three crore travellers registered with the Indian Railways has been hacked and reportedly put on sale on the Dark Web, as per reports. It has been claimed by the hackers that the Indian Railways data is one of the biggest data ever hacked by anyone.
Indian Railways data breached: Report
Earlier, a China-based hacker had hacked the technical systems of AIIMS, New Delhi. They had, in fact, taken the whole server into their control, but it was later taken back from their possession.
The data of Indian Railway, put on sale on a forum being run by cybercriminals, has user data, and invoices for the latest month.
“The hacked data has usernames, emails, mobile numbers, gender, full address, and their language preferences. The data is of users who book tickets from Indian Railway portal,” a source said.
The hacker, who uses the pseudonym ‘Shadohacker’, has also claimed that he has data on government persons having government email IDs and their cell phone numbers.
As of now, the Indian Railways has not made any official comment on the matter.
This is the second time when data of Indian Railway ticket buyers have been hacked, after a similar case in 2020.
IRCTC responded with a statement on the matter:
An incident regarding Indian Railway data breach has been reported in the media. In this connection it may be submitted that Railway Board had shared a possible data breach incident alert of CERT-In to IRCTC reporting a data breach pertaining to Indian Railways passengers.
On analysis of sample data it is found that the sample data key pattern does not match with IRCTC history API. Reported/suspected data breach is not from the IRCTC servers.
Further Investigation on the data breach is being done by IRCTC. All IRCTC Business Partners have been asked to immediately examine whether there is any data leakage from their end and apprise the results along with corrective measures taken to IRCTC.
–With inputs from IANS
The post Data breach: Data of 3 crore Indian Railways passengers being sold on dark web appeared first on BGR India.
Data of around three crore travellers registered with the Indian Railways has been hacked and reportedly put on sale on the Dark Web, as per reports. It has been claimed by the hackers that the Indian Railways data is one of the biggest data ever hacked by anyone.
Indian Railways data breached: Report
Earlier, a China-based hacker had hacked the technical systems of AIIMS, New Delhi. They had, in fact, taken the whole server into their control, but it was later taken back from their possession.
The data of Indian Railway, put on sale on a forum being run by cybercriminals, has user data, and invoices for the latest month.
“The hacked data has usernames, emails, mobile numbers, gender, full address, and their language preferences. The data is of users who book tickets from Indian Railway portal,” a source said.
The hacker, who uses the pseudonym ‘Shadohacker’, has also claimed that he has data on government persons having government email IDs and their cell phone numbers.
As of now, the Indian Railways has not made any official comment on the matter.
This is the second time when data of Indian Railway ticket buyers have been hacked, after a similar case in 2020.
IRCTC responded with a statement on the matter:
An incident regarding Indian Railway data breach has been reported in the media. In this connection it may be submitted that Railway Board had shared a possible data breach incident alert of CERT-In to IRCTC reporting a data breach pertaining to Indian Railways passengers.
On analysis of sample data it is found that the sample data key pattern does not match with IRCTC history API. Reported/suspected data breach is not from the IRCTC servers.
Further Investigation on the data breach is being done by IRCTC. All IRCTC Business Partners have been asked to immediately examine whether there is any data leakage from their end and apprise the results along with corrective measures taken to IRCTC.
–With inputs from IANS
The post Data breach: Data of 3 crore Indian Railways passengers being sold on dark web appeared first on BGR India.
