This story is from May 13, 2016
Startup claims IRCTC website data leak is real
NEW DELHI: India's largest e-commerce website IRCTC may have escaped hack last week, however, the website is a sitting duck for even amateur hackers.
“Contrary to the claims made in media, there is indeed a data leak happening on the IRCTC website. The data includes phone numbers, email addresses, home addresses, date of birth, Aadhar for those users who gave it on IRCTC, password reset question and the secret answer,” Fallible co-founder Abhishek Anand told TOI Tech.
Anand has also sent a mail to railway minister Suresh Prabhu explaining the technical details of the vulnerability (TOI Tech has a copy of that mail).
The mail relates to a vulnerability found on the IRCTC iOS app. “We have confirmed it for iOS app but it does not matter since one can get all IRCTC users data, including even those who have never used the mobile app.”
Last week, there were media reports that personal data of around 1 crore customers is feared to have been stolen from the server of the e-ticketing portal IRCTC.
"We deny all reports claiming that IRCTC website was hacked. No Denial of Service attack (DoS/DDoS) has been successful and the E-ticketing website has been working normally thereby eliminating any chances of unauthorized interference. No leakage of data through any of the service providers of IRCTC has been established," IRCTC PRO Sandip Dutta told TOI Tech.
The hacking speculations started after Maharashtra Cyber Cell was reportedly informed about a CD containing phone numbers, date of birth and other such information of IRCTC users being sold for Rs 15,000 in the market.
This raised fears about data of lakhs of IRCTC users being compromised.
In the past too, there have been cases in which railway booking agents have used a software to hack into IRCTC's website and booked several e-tickets even before the online windows opened for bookings.
Read Also:
“Contrary to the claims made in media, there is indeed a data leak happening on the IRCTC website. The data includes phone numbers, email addresses, home addresses, date of birth, Aadhar for those users who gave it on IRCTC, password reset question and the secret answer,” Fallible co-founder Abhishek Anand told TOI Tech.
Anand has also sent a mail to railway minister Suresh Prabhu explaining the technical details of the vulnerability (TOI Tech has a copy of that mail).
The mail relates to a vulnerability found on the IRCTC iOS app. “We have confirmed it for iOS app but it does not matter since one can get all IRCTC users data, including even those who have never used the mobile app.”
Last week, there were media reports that personal data of around 1 crore customers is feared to have been stolen from the server of the e-ticketing portal IRCTC.
"We deny all reports claiming that IRCTC website was hacked. No Denial of Service attack (DoS/DDoS) has been successful and the E-ticketing website has been working normally thereby eliminating any chances of unauthorized interference. No leakage of data through any of the service providers of IRCTC has been established," IRCTC PRO Sandip Dutta told TOI Tech.
The hacking speculations started after Maharashtra Cyber Cell was reportedly informed about a CD containing phone numbers, date of birth and other such information of IRCTC users being sold for Rs 15,000 in the market.
This raised fears about data of lakhs of IRCTC users being compromised.
In the past too, there have been cases in which railway booking agents have used a software to hack into IRCTC's website and booked several e-tickets even before the online windows opened for bookings.
Top Comment
S
Saurabh
3460 days ago
I am sure data has been leaked.. In last 2 days i am receiving spam mails with my name exactly as printed on tickets (incomplete) and nowhere else and with knowledge of my postal address which is not maintained anywhere else but irctc. This is scary.Read allPost comment
Popular from Business
- Rupee fall: Currency breaches 91 per dollar again; FII outflows, trade jitters bite
- Gold price today: How much 22K, 24K gold cost in Delhi, Mumbai & other cities - Check rates
- 5 new Amrit Bharat Express today! PM Modi flags off 5 trains — Check timing, stations, routes & more
- Greenland row: France’s Macron urges trade 'bazooka' action against US tariffs; seeks activation of EU anti-coercion instrument
- India to become upper middle income country soon! Per capita income to rise; economy set to be 3rd largest
end of article
Trending Stories
- Gold price today: How much 22K, 24K gold cost in Delhi, Mumbai & other cities - Check rates
- Stock market today: Which are top 10 gainers and losers on NSE & BSE on January 19? Check list
- RBI proposes linking BRICS' digital currencies, says report - here’s why it would be an important move
- India To Join Upper Middle Income: SBI sees $4,000 per capita GNI by 2030; aligns with China, Indonesia
- Big blow to cryptocurrencies! Bitcoin slips to $92,000 after Trump tariff threat; Ether & Solana also slide
- Trump's Greenland gambit: EU leaders to meet in Brussels after US announces 10% tariffs — what’s on agenda
- Trump hits 8 European countries with tariffs: Asian and European markets fall; US stock futures tumble
Photostories
- Fake Sweet Potato in the market? How to check the purity of sweet potato at home and 6 easy dishes
- How to make classic Bread Halwa at home
- 8 baby girl names inspired by rare flowers from around the world
- How to make Chicken Kadi Patta for dinner
- Top 10 countries in Asia with the highest quality of life
- 20 Maggi combinations to enjoy this winter season
- 15 best rated dishes made with Paneer from across India by top global culinary agency
- 5 principal beliefs of Hinduism explained simply
- From Namita Thapar’s Rs 50 crore house to Aman Gupta’s lavish lifestyle- Luxurious things Shark Tank India judges own
- Travel influencer Shenaz Treasury recommends these 6 places women must travel to in 2026; safe, stunning and solo-friendly
Up Next