A data breach stole the data of approximately 30 million people that the Indian Railways experienced on Tuesday, December 27. A hacker is said to have listed the user data for sale on the Dark Web.
Without revealing the source of information, the hacker asserts that “it’s one of the biggest railways databases in India.” The stolen data collection includes user information and invoices, some of which have due dates of December 31, 2022.
Username, email, verified and verified mobile numbers, gender, city Id, city Name, state Id, and language preferences are among the data. The hacker’s sample data includes a number of records containing the emails and phone numbers of people who have purchased tickets from Indian Railways.
Following the All India Institute of Medical Sciences (AIIMS) data breach earlier this month, claims of a new data breach in the database of Indian Railways customers have surfaced.
Over 30 million railway passengers’ personal information has reportedly been hacked and posted for sale on a hacker forum. The “shadow hacker” hacker is the one who allegedly carried out this intrusion.
The hacker also asserts that “important persons” and “government personnel” have had their data taken. It is apparent from the snapshot of the hacker site where the data was listed for sale that customers’ travel and billing histories were also compromised.
