Data of 30 mn railway users put on sale

Millions of Indian Railway users’ personal information appears to have been exposed online. According to rumours, a hacker has put the data up for sale on the dark web. Only a few days have passed since the All India Institute of Medical Science (AIIMS), India’s premier medical institution, was alleged to have had a data breach. Here is what we currently know about the most recent data breach.

We don’t know if the data provided by the hacker is accurate because the government or the Indian Railways haven’t verified anything about the data breach to date. Hackers allegedly acquired a large amount of user data, including email, mobile number, address, age, and gender, according to a report from Times Now.

According to the hacker, the group also compromised the billing information and trip records of Indian Railway customers. Both user information and information about people’s bookings are included in the stolen data. A buyer can only get five copies of the data for $400 per copy, according to the forum. According to a report by IndiaTimes, those who want exclusive access to the data will need to pay between $1,500 and $2000 for the data and vulnerability details.

According to reports, the data breach happened on December 27. On a hacker forum, information regarding the data leak was provided by a person whose true identity is still unknown. It was published by a user going by the fictitious moniker of “Shadow Hacker.”

The same hacker group also asserts that they were successful in obtaining many individuals’ official email addresses from government agencies. There is no information available at this time regarding how the hacker gang gained access to IRCTC data. Security companies have not yet verified the validity of the most recent data breach. ZeeNews