RailYatri App Hacked; 7,00,000 Emails Leaked

By: Sashwata Saha
26 Aug 2020 1:28:40 AM Class of 2020, Kolkata

According to network perimeter security specialists, RailYatri - one of India’s most popular online travel booking centres - has been hacked, resulting in a data breach that exposed more than 43 GB of personal user information. This could affect millions of service subscribers.


In an official statement issued on Monday evening, RailYatri said that the server reported to have been breached was only a test server. The company has refuted Safety Detectives’ assessment that over 700,000 email addresses had been leaked on the internet, calling it “impossible”.


The company spokesperson argued that as per general protocol, all data older than 24 hours are deleted from the server automatically, so the allegation that email addresses had been leaked over three days was factually incorrect. The company also noted that it fixed the issue as soon as it was brought to its notice by CERT-In.


On the possible exposure of credit card and other sensitive user information, RailYatri said it did not store such financial and other sensitive data, except some partial details.


Anurag Sen, head of security research at Safety Detectives, whose team had discovered the vulnerability, was unconvinced by RailYatri’s statement. Questioning the company’s claim that only a day’s worth of data was stored on the said server at any given moment, he said that when his team discovered the vulnerability on August 10, the server logs showed data from August 6 still on it.


“The affected Elasticsearch implementation operated without a password or any other security measure, so anyone who could find the affected IP address could have accessed the exposed information,” Sen said.


For security, potentially affected users are advised not to share sensitive information by email or phone, and to ignore messages that look suspicious or are sent by unidentified users.

