Indian Railways Data Breach: 30 Million User Records up for Sale


Level 26
Thread author
Honorary Member
Top Poster
Oct 2, 2011
On Tuesday, December 27, Indian Railways experienced a data breach that compromised the personal information of approximately 30 million people.

Hackers discovered that 30 million Indian Railway user records were being sold on an online forum by a hacker who used a fake identity. A user known as a "shadow hacker" on the Dark Web was said to have listed user data for sale. However, there is no information regarding the identity of this user.

According to the hacker, various personal information was compromised, including name, email, phone number, and gender. A user further informed that the data contained several email addresses belonging to government agencies. Research conducted by security researchers has not been able to validate the authenticity of the data or how it was accessed. As of yet, there is no comment from Indian Railways regarding this incident.

There have been 41.74 million electronic ticket reservations made by the Indian Railway Catering and Tourism Corporation (IRCTC) in the fiscal year 2021-2022, which has resulted in revenue of 38.18 billion Indian rupees from these reservations.

In this data, you can find your username, email address and verified mobile numbers, gender, city Id, city name, and State Id, as well as your language preference information. The hacker had gathered several records from Indian Railways' databases. These records contained the details of people who had purchased tickets from Indian Railways through emails and phone numbers.

Additionally, the hacker offered details of the vulnerabilities on the website that he had exploited with the help of the data he had stolen. The website did not specify whether it was the IRCTC booking portal or the website of Indian Railways because this fact was not mentioned.

Alongside, the hacker alleges that "significant persons" and "government personnel" have been victimized by the theft of their personal information. According to the snapshot of the hacker site where the data was listed for sale, it appears that the hacker site also had the customer's travel and billing records included among the data.


About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.