Shadowhacker Hit The Headlines with Indian Railways Data

Shadowhacker selling 30 Million User Info and Invoices related to Indian Railways in a popular Underground Hackers forum

Shadowhacker, the well-known hacker/hacker group, claims to be breached the Indian Railways Booking portal.

This time, Shadowhacker are selling 30 Million User Info and Invoices related to Indian Railways in a popular Underground Hackers forum.

Indian Railways Breach

However, the hacker did not disclose any Vulnerability or Source of the data but posted some sample data that contained Passenger's name, emails, phone numbers, train numbers, pnr etc.

The hacker claims there were two endpoints for data harvesting, another for invoices, train number, arrival time, email, phone, passenger gender, nationality, and all passenger information. The data also contains emails related to the Indian government ending with gov.in email extension.

After analysis of the Sample data, we are not sure this data is of that 2019 breach, but according to some reports, this breach seems fresh.

Still, There was no official confirmation of this breach by Indian Railways

The Hacker Claimed that the data was from RailYatri

Hi, am Basudev From Andhra Pradesh, India. a Blogger & Hacker Interested in Infosec, Web Development, Programming

Post a Comment

Comments will be reviewed before publishing