It seems that the data of millions of Indian Railway users has been leaked online. There are reports claiming that a hacker has put up the data on sale via the dark web. This news comes just days after data breach on India’s top medical institution – All India Institute of Medical Science (AIIMS) was reported. Here is everything we know so far about the latest data break.
So far, the government or the Indian Railways haven’t confirmed anything about the data breach, so we don’t know if the data provided by the hacker is accurate. A report from Times Now claims that hackers have obtained a lot of user data, including email, mobile number, address, age, and gender.
Read More: Bank Holidays in January 2023: Banks to Remain Closed for 14 Days in January; Check List
The hacker has claimed that the group has also leaked Indian Railway passengers’ travel history and invoices. The leaked data includes user information as well as the booking data of people. The forum is reportedly charging $400 per copy of data and a buyer will be able to obtain only five copies. Those who want exclusive access to the data will reportedly be required to pay $1,500 and $2000 for data and vulnerability details, as per a report by IndiaTimes.
The data breach reportedly took place on December 27. The details about the data leak have been posted on a hacker forum by someone, whose real identity is still unknown. It is posted by someone called ‘Shadow hacker,’ which is a fake name.
The same hacker group is also claiming that they have also managed to obtain the official email accounts of several people in government departments. As of now, there is no information on how the hacker group managed to access IRCTC data. Cybersecurity firms are also yet to confirm the authenticity of the latest data breach.
This is not the first time that something like this has happened. In 2019, a similar breach took place, and data of around 9 million people was leaked online. Later, the government announced that a fine of up to Rs 500 crore will be charged for data breaches under the revised Data Protection Bill. However, it doesn’t seem like there is a drop in the rate of data breaches that have been happening.
Users are advised not to share their personal data with any unknown person or account if even the individual sounds pretty convincing. Hackers have several tricks to steal the money of users and so people are advised to be careful, especially with online transactions.