Shadowhacker, the well-known hacker/hacker group, claims to be breached the Indian Railways Booking portal.
This time, Shadowhacker are selling 30 Million User Info and Invoices related to Indian Railways in a popular Underground Hackers forum.
However, the hacker did not disclose any Vulnerability or Source of the data but posted some sample data that contained Passenger's name, emails, phone numbers, train numbers, pnr etc.
The hacker claims there were two endpoints for data harvesting, another for invoices, train number, arrival time, email, phone, passenger gender, nationality, and all passenger information. The data also contains emails related to the Indian government ending with gov.in email extension.
After analysis of the Sample data, we are not sure this data is of that 2019 breach, but according to some reports, this breach seems fresh.
Still, There was no official confirmation of this breach by Indian Railways
The Hacker Claimed that the data was from RailYatri