IRCTC (Indian Railway Catering and Tourism Corporation), one of the biggest e-commerce sites in India was allegedly hacked today with account details of lakhs of customers feared stolen.
IRCTC handles over 500,000 transactions a day and is one of the major online portals used to book tickets one of the world's biggest railway networks. At present there is no official confirmation on the hack or data on how many accounts were affected by the breach. According to TOI sources, data stolen from the hack can be used to forge documents as people tend to give their PAN Card, Voter ID and other details for filling reservation forms.
However, IRCTC Public Relations officer, Sandip Dutta, has refuted the media reports saying:
There has been no hacking attempt on the site. A high-level committee has been formed to probe the matter.
But there has been another report from IndiaToday's Rahul Kanwal which says that the Maharashtra Government has confirmed the hack and that a CD with data is being sold for as less as Rs. 15,000.
IRCTC recently got a huge upgrade for improvement of speed with over Rs. 100 crore spent on the redesign and upgrades. Although the functioning of the website was improved by a huge margin, it seems that security still took a backseat.