It appears that Indian Railways recently experienced a data breach. On a hacker forum, data belonging to Indian Railways is for sale. Cybercriminals primarily use this forum to sell breached data and hacked accounts.
The data of 30 million Indian Railways users has been posted for sale on the portal by a user with the username shadowhacker. A sample database in plain text format is also provided by the threat actor. As a result, prospective buyers can verify the information before making a payment. The compromised data has two endpoints. The first contains user data, while the second contains booking data. The username, email, phone number, gender, city, state, and language preference are all part of the user data. The booking data includes the passenger's name, phone number, train number, travel details, invoice PDF, and other information.