wordpress blog stats
Connect with us

Hi, what are you looking for?

, , , ,

Updated: IRCTC website may be hacked and user data could be at risk; officials deny attack

irctc

Update: The Ministry of Railways has informed through a PIB release that there has been no hacking attempts made on the IRCTC site or servers/databases. It added that the site is working normally without any unauthorized interference or discrepancies. The Ministry further said that there sufficient “safeguards” already in place to prevent any security breach or attacks, and also claims to conduct biannual security audit of  IRCTC website regularly.

“In addition to this, 24×7 monitoring of the system is done throughout the year by technical team of experts. All the components of the system are functioning normal and no unusual activity has been discovered. All sensitive data like passwords etc are stored in encrypted form,” added the Railway Ministry.

Earlier: The Indian Railway Catering and Tourism Corporation (IRCTC) website used for online rail bookings is suspected to be hacked by unidentified attackers and user data could be at the risk . However, there is no clarity regarding what kind of attack or what mechanism were used by hackers for the breach.

A spokesperson from IRCTC told Times of India: “Somebody can create forged documents on the basis of the stolen data.The data is a valuable asset and can be sold to corporations who may use it for targeting potential consumers.”

However, IRCTC’s Public Relations Officer Sandip Dutta has reportedly told The Indian Express that there was no hacking attempt on the site and that a committee has been formed to investigate the matter. Dutta has also requested cyber cell’s help for the alleged data breach.

Advertisement. Scroll to continue reading.

Earlier, Dutta also told Asian News International (ANI) that the Maharashtra Police had informed IRCTC about a “data theft from its website”, but details of the breach is yet to be shared.

Tweet from ANI:

While, some are still not convinced about IRCTC’s PRO Sandip Dutta’s statements:

https://twitter.com/r0h1n/status/728086924087328768

Advertisement. Scroll to continue reading.

The Centre for Railway Information Systems (CRIS), an independent organization under the Ministry of Railways develops and manages IT applications of Indian Railways and for other Government and Public Sector organizations. MediaNama has written to it seeking details about the possible data breach, and is yet to hear from them.

What user data is at risk: According to IRCTC’s marketing profile, there are approximately 3.9 crore profile registrations, 2.5 crore active users, and 18 thousand average user registrations everyday on the website. On registration, IRCTC collects personal information including address, email, phone numbers, etc. At time of booking IRCTC accepts passport, Aadhaar Cards, PAN cards or a driving License.

Financials: IRCTC had generated Rs 20,620 crore (~ $3.08 billion) in online ticketing with a profit after tax of Rs 130 crore ($19.5 million) from March 2014- March 2015. This is up 34% from a year ago, when its revenue was Rs 15,410 crore ($2.3 billion), and a profit of Rs 72 crore ($10.8 million).

Earlier reports of data breach and hacked websites

Advertisement. Scroll to continue reading.

BSNL’s Jaipur website hacked: In August last year, BSNL’s website was hacked by members of a hacker group identifying itself as Hell Shield Hackers. However, the hackers were not able to hijack the entire domain, instead managed to get into BSNL’s Regional Telecom Training Centre Jaipur subdomain. The hackers named PsyCh0T!C_Ov3RL04D HSH and Th3 Laz4RU5 claim to have deleted all data on the website they had access to.

Pakistani security firm stealing Indian Govt info: Pakistani cyber security firm Tranchulas was reportedly found to be stealing information from the Indian government and defence establishments. The information came to light through a two year investigation by the US-based IT security firm FireEye. According to FireEye, Tranchulas, which claims to have helped the Pakistani government prepare for cyber warfare, sent emails to Indian government officials containing malicious code.

Gematlo hack aided by NSA and GCHQ: In Februaury 2015, SIM card provider Gemalto admitted that the hacking operation by the NSA and GCHQ between 2010 and 2011, targeted India Pakistan, Afghanistan, Serbia and Iran among others. Gemalto’s report also mentions that the interception technique did not work with operators using secure data exchange methods and in particular it “failed to produce results against Pakistani networks”.

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

The US and other countries' retreat from a laissez-faire approach to regulating markets presents India with a rare opportunity.

News

When news that Walmart would soon accept cryptocurrency turned out to be fake, it also became a teachable moment.

News

The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.

News

In this excerpt from the book, the authors focus on personal data and autocracies. One in particular – Russia.  Autocracies always prioritize information control...

News

By Jai Vipra, Senior Resident Fellow at Vidhi Centre for Legal Policy The use of new technology, including facial recognition technology (FRT) by police...

You May Also Like

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ