During a routine dark web monitoring, our researchers in iZOOlogic spotted a malicious user account claiming to have obtained approximately 34 million user records from the India Railways. Dubbed ‘shadowhacker,’ the hacker declared that this recent data theft was one of the biggest leaks in Indian history.
The hacker ‘shadowhacker’ seemed to be selling the stolen database to other interested malicious actors, although they limited it to only ten copies for a total of $400 each. They added that this rule keeps the ownership of the stolen data anti-public and effective.
On the other hand, an exclusive sale of $1,500 is offered to a single customer interested in owning it alone.
Numerous user data from the India Railways are allegedly included in the marketed database.
Initially, the hacker stated to have stolen 30 million user records from India Railways. However, their Telegram channel announced that 4 million new entries had been added, making it a massive stolen database total of 34 million.
The hacker also shared which data are available on the stolen database, including but not limited to usernames, email addresses, verified and unverified mobile numbers, gender, city name and ID, state ID, and language preferences.
Additional significant details included in the alleged leak are people’s train travel history, such as passenger name, location, train number, arrival details, passenger nationality, and more. Shadowhacker also claimed that the database holds government data and information about other important entities and personalities.
Despite this data leak allegedly impacting India Railways, the hacker said they are unwilling to disclose which company has been hacked. Nevertheless, Shadowhacker indicated that it is one of the biggest railway companies in India.
It is important to note that this alleged data leak report is yet to be confirmed. The vector of how this database was obtained is also not been revealed. Our iZOOlogic researchers will probe the issue and share updates once available.
For now, people and entities who have been a passenger of railways in India must be cautious about potential cyberattacks leveraging their data.
