India’s railway ticket booking website IRCTC was hacked and account details of around 10 million users were stolen. Stolen data include the phone number, date of birth and other important details of customers. It has been sold in a CD for Rs. 15000 to those who is interested in this data.
An IRCTC official has confirmed the data leak but he denied to comment on the possibility of hack without proper investigation.
Maharashtra state government has confirmed that they have identified the hackers who were selling these data openly. Indian Railway board is also looking into the matter and will take required action.
While media reports claim that website was compromised, another Railway official says something else. He said that website was not hacked and data was stolen from some other medium. If he is right, there could be some IRCTC employee involved in this data breach.
He further said that Railway Board is waiting to get the copy of data to check if this data actually belong to IRCTC.
If this data actually belong to IRCTC, many users can face trouble as they store their phone number, Aadhar card number, email,PAN card details, credit/debit card details and other personal data. It can be used in identity theft.
We are looking into the matter and will report once we have something interesting to share.
