Indian Railway: Customer data exposed on the dark web

12/29/2022 | Asia, Cybercrime, Darknet News

Millions of Indian Railway users’ personal information appears to have been exposed online. According to rumors, a hacker has put the data up for sale on the dark web. Only a few days have passed since the All India Institute of Medical Sciences (AIIMS), India’s premier medical institution, was alleged to have had a data breach. Here is what we currently know about the most recent data breach.

Hackers allegedly acquired a large amount of user data, including email, mobile number, address, age, and gender, according to a report from Times Now.

According to the hacker, the group also compromised the billing information and trip records of Indian Railway customers. Both user information and information about people’s bookings are included in the stolen data. A buyer can only get five copies of the data for $400 per copy, according to the forum. According to a report by IndiaTimes, those who want exclusive access to the data will need to pay between $1,500 and $2,000 for the data and vulnerability details.

According to reports, the data breach happened on December 27. Information about the data leak was posted on a hacker forum by a person whose true identity is still unknown, a user going by the fictitious moniker of “Shadow Hacker.”

The same hacker group also asserts that they were successful in obtaining many individuals’ official email addresses from government agencies. There is no information available at this time regarding how the hacker gang gained access to IRCTC data. Security companies have not yet verified the validity of the most recent data breach.

This is not the first time something similar has occurred. A similar incident occurred in 2019, and data from about 9 million people was posted online. Later, the government declared that under the updated Data Protection Bill, data breaches might result in fines of up to Rs 500 crore. However, it doesn’t appear as though the frequency of data breaches has decreased.

Users are encouraged to avoid sharing their personal information with any unknown person or account, even if they find them to be rather persuasive. People are advised to exercise caution, especially while doing online transactions, since hackers have many methods for stealing consumers’ money.

Statement by IRCTC

IRCTC has provided the following statement:

An incident regarding Indian Railway data breach has been reported in the media. In this connection it may be submitted that Railway Board had shared a possible data breach incident alert of CERT-In to IRCTC reporting a data breach pertaining to Indian Railways passengers.

On analysis of sample data it is found that the sample data key pattern does not match with IRCTC history API. Reported/suspected data breach is not from the IRCTC servers.

Further Investigation on the data breach is being done by IRCTC. All IRCTC Business Partners have been asked to immediately examine whether there is any data leakage from their end and apprise the results along with corrective measures taken to IRCTC.