March 21, 2023

RailYatri has suffered a massive data breach that has exposed the PII of over 31 million (31,062,673) users.

The breach is believed to have occurred in late December 2022, with the database of sensitive information now being leaked online on Breachforums.

The compromised data includes email addresses, full names, genders, phone numbers, and locations, which could put millions of users at risk of identity theft, phishing attacks, and other cyber crimes.

Advertisements

This is not the first time of data breach. In February 2020, researchers identified a misconfigured Elasticsearch server exposed to the public without any password or security authentication.

RailYatri was informed the company about the issue, and the ownership was initially denied. Later, the company claimed that it was merely test data. At that time, the server contained over 700,000 logs with over 37 million entries in total, including internal production logs.

All users are advised to change their passwords and enable two-factor authentication on their accounts as a precautionary measure.

Tags:

Leave a Reply

You may have missed

Ferrari – Cyber Attack Ransom Demanded

Ferrari – Cyber Attack Ransom Demanded

March 21, 2023
ForgeRock new Passwordless Service

ForgeRock new Passwordless Service

March 20, 2023
New Decryptor for Conti Ransomware Released

New Decryptor for Conti Ransomware Released

March 20, 2023
Royal Dirkzwager hit by Play Ransomware

Royal Dirkzwager hit by Play Ransomware

March 20, 2023
Trigona Ransomware Disection

Trigona Ransomware Disection

March 19, 2023
Makop Ransomware Disection

Makop Ransomware Disection

March 19, 2023
%d bloggers like this: