Rail Yatri Chastised for Breach Affecting Over 30M Customers
Breach Came to Light When Criminal Underground Forum User Put Data Up for Sale
The union government chastised the operator of Indian Railways ticket booking website Rail Yatri for failing to prevent a December data leak that compromised the personal information of more than 30 million users.
Union Minister of State for Electronics and Information Technology Rajeev Chandrasekhar said on Wednesday that the government had suspended the ticket booking facility on the Rail Yatri application and imposed an unspecified penalty on the custodian of the application.
The application was subsequently restored after "necessary security measures" were implemented, the minister told the lower house of Parliament in a written reply.
The Rail Yatri breach came to light when criminal underground forum user "shadowhacker" put up for sale data stolen from the booking app. The data dump included names, email addresses, phone numbers, gender, invoices, and travel information such as passenger name, record number, train number and destination.
The Indian Ministry of Railways in December denied that the data of 30 million people allegedly on sale on the dark net had come from a hacker breaching Rail Yatri.
Chandrasekhar said government organizations reported seven data leak incidents in 2022, up from five in 2021. The government issued instructions making it mandatory to report cyber incidents to the Indian Computer Emergency Response Team so that organizations can secure their data quickly.
He said the Indian Computer Emergency Response Team has prepared a cyber crisis management plan, which all ministries and departments of the central and state governments have to follow to combat cyber terrorism, secure their IT infrastructure and mitigate cyberattacks.