Train ticketing platform RailYatri on Wednesday confirmed that it suffered a data breach in December 2022, shortly after the Railway Ministry denied that user data were being sold on the dark web leaked from the Railways’ side.
“We observed a security breach in our system on December 28, 2022,” a RailYatri spokesperson told The Hindu. “We quickly established the source of the breach and fixed it within a few hours. Some RailYatri registered user information limited to age, email, preference city and phone numbers may have been viewed by unauthorised individuals. No other sensitive customer information has been compromised. We have reported the incident to the government authorities and are exploring legal steps to be taken.”