Rlys dismisses data leak report from IRCTC portal

The Railways on Thursday dismissed reports about leak of email and mobile numbers from user profile data of the Indian Railway Catering and Tourism Corporation’s (IRCTC) e-ticketing system and said everything was safe and secure. There was no hacking or leakage of IRCTC ticketing website and everything was safe, said Railway Board Member (Traffic) Mohd Jamshed.

He was replying to a query on reports citing cyber officials in Maharashtra regarding alleged leak of email and mobile numbers from user profile data of IRCTC e-ticketing system. He said the security system has already been reviewed twice in the recent past. Railways constituted a committee comprising cyber experts and vigilance officials from IRCTC and Centre for Railway Information Systems (CRIS) on May 3 to check the possible theft of data and found no such case.

“The committee has submitted the preliminary reports and there is no leakage. We are constantly monitoring it,” Jamshed said. The e-ticketing system is managed in-house by CRIS, the IT arm of Indian Railways. The data centre is in the premises of CRIS.