30 Million Indian Railway Users account data plus Invoices put on sale at Breach Forums, Details Inside
Yes, we have something new for our readers and that is around 30 Million Indian Railway Users’ account data put on sale at Breach Forums.
According to the report the alleged data contains User entries:
userName,
email,
verified MobileNumber,
unverified MobileMumber,
gender,
mobile Number Verified,
cityld,
cityName,
stateld,
languagePrefereces.
The hacker has also shared a sample list of the data on the Breach Forum website. The hacker doesn’t stop here, he has also shared that around 4 million more entries are there and more are still dumping. This would mean that the hacker is able to get into the database and the Indian railway still hasn’t shut down the connection yet.
The hacker also shared some of the news pieces just to confirm that the hack is real. According to a tweet by ANI, the report further said that the data in question is not directly pulled from the IRCTC website but rather from an API. The IRCTC has asked all its vendors to check from their end.
The seller provides only five copies of the data and charges $400 per copy, according to the listing. Data exclusivity will be available for $1,500. Furthermore, the seller claims to be able to provide the data and vulnerability details for $2,000 USD.
Earlier AIIMS data servers were also compromised and were shut down for approximately 4 days. This requires an urgent need for cybersecurity experts to be added to protect our IT infrastructure.