With reliance on digital services increasing by the day, hackers are constantly on the lookout for loopholes that could yield a trove of data to be sold on the dark web. The victims of security breaches are often services that use a weak form of encryption. But in a shocking development, an unsecured server of the Indian ticketing platform RailYatri exposed the personal data of more than 7 lakh users.
Security firm Safety Detectives discovered the massive breach on RailYatri's server on August 10 and reviewed the data three days later. The server also became the target of a Meow bot attack, which led to the deletion of almost all server data. The data breach exposed a great deal of personal information, including partial credit and debit card details.
Data exposed in security breach
With more than 700,000 users affected by the breach, it is the type of information that was stored on RailYatri's unsecured server that has raised concerns. The exposed data includes full names, age, gender, physical addresses, email addresses, phone numbers, payment logs, UPI ID, train and bus ticket booking details, travel itinerary, GPS location, authentication token information and user session logs.
What's the risk?
The biggest risk affected users face in the event of this massive data breach is that their personally identifiable information could be made public. The data could also be used in identity fraud and scams. Moreover, RailYatri stored users' location data when they booked tickets, which could be used by hackers to identify the current location of the user.
But the security researchers also note that the "leaked payment information was suppressed to reveal only partial copies of card numbers. This drastically reduces the chance of a malicious financial scam; however, resourceful hackers could still use the information on the server to launch phishing scams to induce victims to hand over their financial information."
What should users do?
The unsecured data server was secured after the researchers reached out to CERT-In. But as a precautionary measure, users must always be cautious about what information they give out and to whom. Always ensure the website is secured with "https" at the beginning of its address.
Do not share information that could be used against you in any kind of fraud. Use different passwords for different platforms and services, each with a combination of letters, numbers and symbols.
Avoid clicking on links from unknown email senders. Always use a secured Wi-Fi network, especially when making payments online.