RailYatri’s exposed server revealed the private information of over 700,000 users


India’s popular bus and railway ticket booking platform, RailYatri has suffered a huge data breach due to one of its exposed server that revealed the private information of over 700,000 registered users of the platform.

The exposed Elasticsearch server was first reported by a team of researchers at the cybersecurity firm, Safety Detectives on August 10 when the team was reviewing the server data, it was hit by a Meow bot that attacked the server and wiped almost all of the 43GB data stored on that server and about 1GB of data was left on the server after the attack.

The Meow bot attack is a new type of cybersecurity attack that is able to erases all of the unsecured data stored on the Elasticsearch, MongoDB, or Redis servers when initiated.

According to the report the massive database contained more than 37 million records with log files and the private information of over 700,000 unique users.

The private information includes everything from users’ email address, full name, phone number, address, gender, age, payment logs, saved payment information like UPI IDs, credit and debit cards and it even included the user’s GPS location as well.

With these set of data about a user anybody can track a user’s location and even learn about a users upcoming travel plans.

The security research team first contacted the company to resolve the security issue but it received no response from the company, then the researchers informed Indian National Computer Emergency Response Team (CERT-In) and the server vulnerability was riveted within a day.

Note: If you are an existing user of RailYatri we suggest you to reset your password, delete all your saved payment information on the service and change the PIN codes of your debit/credit cards and UPIs.

Source: TNW

Leave a Reply

%d bloggers like this: