Article DETAILS

The Indian Railways has allegedly suffered a data breach. A hacker on Monday put up data of 30 million Indian Railways users on the dark web for sale. The threat actor claims that the user entries in the database include name, gender, email, mobile number, and city. The hacker, who went by the alias shadow hacker, further claims that the data set of 30 million users also includes famous and important people along with government emails and information about government officials. The hacker shared samples of data, which included accounts tied to government emails like DigiLocker and Konkan Railways.

The Indian Railways suffered a similar data breach in 2020 when the personal information of over nine million Indian Railways ticket buyers was found online. Security researchers have yet to authenticate the latest breach. The Indian Railways has also not commented on the alleged data breach.

Last week, Twitter suffered a data breach and the hacker was found selling user data of over 400 million Twitter accounts on the dark web. This hacker threatened Elon Musk and Twitter saying the company should buy the stolen data to save itself from the regulatory body's imminent penalty for mishap in protecting user privacy and information.