Reports have surfaced that the e-ticketing portal of Indian Railway Catering and Tourism Corporation (IRCTC) has been hacked putting confidential personal data of nearly one crore customers at risk of being stolen. The data under threat of being retrieved by hackers includes PAN card numbers, Aadhaar card details, email IDs and mobile numbers. Hinting at the gravity of the situation, IRCTC sources said, “The data is a valuable asset and can be sold to corporations who may use it for targeting potential consumers.”
The alleged data hack has seen a quick response from the side of the authorities with the Board forming a high-level six-member committee of experts to look into it. Chief Commercial Manager (CCM), along with the Railways called an emergency meeting after the mishap was reported. A committee has been formed constituted of three members of IRCTC and three from Center for Railway Information Systems (CRIS) – the rail ministry’s IT wing.
Officials have denied reports of credit card and bank account details being compromised claiming that banks deploy more secure firewalls for transactions. This case follows up a week after the arrest of a man from Eastern Uttar Pradesh by the Bengaluru Branch of CBI for hacking into the IRCTC website to create fake tickets.
However, IRCTC PRO Sandip Dutta discredited the news, claiming, “There has been no hacking attempt on the site. A high-level committee has been formed to probe the matter.” Given the sheer amount of the data stored with the IRCTC portal, this can turn out to be the largest data theft in the country’s history.