Cyber criminals have now attacked the website of Indian Railways and have claimed to have leaked the data of about 30 million users. The data leaker in the name of ShadowHacker has said that he has information about users’ names, phone numbers, mobile, language and state.
new Delhi. After AIIMS, online burglars have now attacked the website of Railways. The data of about 3 crore users of Indian Railways has been leaked. At present, the identity of the hacker has not been established, but on December 27, it has come to know that the data of these users is being sold on a hacker forum. Data seller has put information on the forum in the name of shadowhacker.
According to a Media news, this claim of the hacker includes many personal information including user’s name, mobile number, gender, address, city, language. The hacker has also claimed that it includes several government e-mail IDs, which have been put up for sale online. Security researchers have not yet been able to gather information about the veracity of the data or the methods of obtaining it. No official statement has come from the Indian Railways till now. Significantly, earlier this month, the website of Delhi-based AIIMS Hospital was hacked and the hackers allegedly demanded a ransom of crores of rupees.
Data leak of booking with user
There are two types of information included in the leaked data. One is the data of the user and the other is the data of ticket booking. User data includes name, e-mail, phone number, state and language, while booking data includes passenger name, mobile number, train number, journey details, invoice PDF, among others.
Selling data for thousands of rupees
Shadowhacker is offering to sell 5 copies of the data for $400 (about Rs 35,000), whereas if someone wants exclusive access, he will have to pay $1,500 (about Rs 1.25 lakh). Not only this, in exchange for sharing some specific information with the data, the hacker has asked for 2 thousand dollars i.e. about 1.60 lakh rupees.
Hacker will also tell weak links
The hacker is also proposing to expose those weak links, which he uses on the website. However, it is not yet clear whether this website is the ticket booking portal of IRCTC or the website of Indian Railways. At present, there is a risk of leakage of personal information of 3 crore users of Railways.
Cyber attacks on railways happened earlier also
This is not the first time that there has been a cyber attack on the Indian Railways. In the past too, Railways has faced incidents like data breach. In the year 2020, personal information of about 90 lakh customers who bought railway tickets was leaked, including their ID which was found online. The company found that since the year 2019, data theft of millions of users was going on on the dark web.
