The data of over 3 Crore Indian Railways users has been leaked and is reportedly up for sale on the dark web. The data, which includes booking data as well as user information, is being sold for $400 per copy, with buyers only allowed to buy five copies. In case a buyer wants exclusive access to the data, they will have to pay $1,500 and $2,000. The breach took place on December 27, 2022.
On being questioned about the leak, the IRCTC issued a statement about the leak. They said “An incident regarding Indian Railway data breach has been reported in the media. In this connection it may be submitted that Railway Board had shared a possible data breach incident alert of CERT-In to IRCTC reporting a data breach pertaining to Indian Railways passengers.
On analysis of sample data it is found that the sample data key pattern does not match with IRCTC history API. Reported/suspected data breach is not from the IRCTC servers.
Further Investigation on the data breach is being done by IRCTC. All IRCTC Business Partners have been asked to immediately examine whether there is any data leakage from their end and apprise the results along with corrective measures taken to IRCTC.”
The name of the hacker is ‘Shadow hacker’, as per the posts made on forums where the data is up for sale. Nothing else is known about the entity.