Railway ministry denies IRCTC server data breach
Dec 28, 2022
New Delhi [India], December 28 : The Union Ministry of Railways has denied media reports about a potential breach of Indian Railway Catering and Tourism Corporation (IRCTCT) data, and said that the data breach was not from the IRCTC servers.
"On analysis of sample data, it was found that the sample data key pattern does not match with IRCTC history application programming interface (API). Suspected data breach is not from the IRCTC servers," the Railway Ministry said in a statement on Wednesday.
"An incident regarding Indian Railways data breach has been reported in the media. In this connection, Railway Board had shared a possible data breach incident alert of CERT-In to IRCTC reporting a data breach pertaining to Indian Railways passengers," it further said.
The Indian Railways added that further investigation on the possible data breach is being done by IRCTC.
"All IRCTC Business Partners have been asked to immediately examine whether there is any data leakage from their end and apprise the results along with corrective measures taken to IRCTC," the railway spokesperson said.
Earlier, a media report said that IRDTC has shared a possible data breach incident alert of CERT-In to IRCTC reporting a data breach pertaining to Indian Railways passengers.