The Indian Railways suffered a data breach on December 27, in which the data of over 30 million users was compromised.
It was discovered that a hacker forum user was selling 30 million Indian Railway user records. There is no information regarding the identity of this user, who went by the alias "shadowhacker".
According to the hacker, the data includes name, email, phone number, gender, and other personal information. Additionally, the user mentioned that the data contains multiple government email addresses.
Neither the authenticity of the data nor how it was accessed has been verified by security researchers. The Indian Railways is yet to comment on this breach.
Along with the data, the hacker offers details of the vulnerabilities "we used" on the website. There was no mention of whether the website is the IRCTC booking portal or the Indian Railways website.
This is not the first time that the Indian Railways has suffered from a data breach. In 2020, the personal information of over nine million Indian railway ticket buyers, including their IDs, was found online. This company discovered a dark web post stating that a million users' data was stolen sometime in 2019.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
