New Delhi: After AIIMS, online burglars have now attacked the website of Railways. The data of about 3 crore users of Indian Railways has been leaked. At present, the identity of the hacker has not been established, but on December 27, it has come to know that the data of these users are being sold on a hacker forum. The data seller has put information on the forum in the name of a shadow hacker.
According to Moneycontrol news, this claim of the hacker includes much personal information including the user’s name, mobile number, gender, address, city, and language. The hacker has also claimed that it includes several government e-mail IDs, which have been put up for sale online. Security researchers have not yet been able to gather information about the veracity of the data or the methods of obtaining it. No official statement has come from the Indian Railways till now. Significantly, earlier this month, the website of Delhi-based AIIMS Hospital was hacked and the hackers allegedly demanded a ransom of crores of rupees.
Data leak of booking with user
There are two types of information included in the leaked data. One is the data of the user and the other is the data of ticket booking. User data includes name, e-mail, phone number, state, and language while booking data includes passenger name, mobile number, train number, journey details, and invoice PDF, among others.
Selling data for thousands of rupees
Shadowhacker is offering to sell 5 copies of the data for $400 (about Rs 35,000), whereas if someone wants exclusive access, he will have to pay $1,500 (about Rs 1.25 lakh). Not only this, in exchange for sharing some specific information with the data, the hacker has asked for 2 thousand dollars i.e. about 1.60 lakh rupees.
Hackers will also tell weak links
The hacker is also proposing to expose those weak links, which he uses on the website. However, it is not yet clear whether this website is the ticket booking portal of IRCTC or the website of Indian Railways. At present, there is a risk of leakage of personal information of 3 crore users of Railways.
Cyber attacks on railways happened earlier also
This is not the first time that there has been a cyber attack on the Indian Railways. In the past too, Railways has faced incidents like data breaches. In the year 2020, the personal information of about 90 lakh customers who bought railway tickets was leaked, including their ID which was found online. The company found that since the year 2019, data theft of millions of users was going on on the dark web.
