RailYatri, a platform that allows Indians to book railway and bus tickets easily, may have exposed the private data of many of its users, according to reports. The number of affected users is expected to be more than seven lakh. The report says that servers holding 43 GB of user data were left exposed, a massive data breach attributed to inadequate safety protocols.
A group of researchers from the cybersecurity firm Safety Detective first noticed the exposed Elasticsearch server on 10th August. While the team was reviewing the server data, the server was hit by a Meow bot attack that removed almost all of its data. Around 43 GB of data, comprising over 37 million records, was reduced to 1 GB.
The Meow attack is a new type of cyber attack that wipes the data on unsecured Elasticsearch, MongoDB, or Redis servers. In this case, over 37 million records with log files and 7 lakh unique e-mail addresses were leaked.
That is not all: the leaked data also includes users' full names, phone numbers, addresses, gender, age, and payment logs such as saved UPI IDs and credit and debit card details, as well as location details.
Safety Detective first contacted the company to resolve the security issue, but when it did not respond, the cybersecurity research firm went to the Indian National Computer Emergency Response Team (CERT-In). A day after that, the vulnerability was fixed.
If you have ever used the RailYatri service, you are advised to reset your password, delete all your saved payment method details such as UPI data and cards, and also try to change your UPI PIN.