The Indian Railway Catering and Tourism Corp (IRCTC) on Thursday denied that its website, which is visited by around 22 lakh people a day, had been hacked.
"IRCTC website was not hacked and is functioning properly. The passengers are also able to book tickets through the website," Sandip Dutta, IRCTC public relations officer, told IANS.
An estimated 5 to 6 lakh dominantly railway tickets are sold daily on the website. IRCTC is one of the largest e-commerce platforms in India, with three crore active registered users.
A joint committee comprising officers from IRCTC and CRIS (Centre for Railways Information System) was set up following media reports that the rail ticketing website was hacked and passenger data stolen.
"The committee in its preliminary report has not found any indication of breach of security in any of the databases of the e-ticketing system. Further investigations by the committee is in progress and once the purported leaked data is made available, checks will be conducted," said a statement issued by IRCTC.
The e-ticketing data is broadly categorised into two categories - sensitive information like debit/credit card details, login ID and passwords, which could cause potential financial risk; and other data like mobile number and email IDs.
The IRCTC said mobile numbers and email IDs are already available with other service providers.
"Email and mobile numbers have to be shared with service providers for providing catering services, cab services, hotel bookings, SMS services. Till now, leakage of data through none of the service providers of IRCTC has been established," the statement added.
It said the security of e-ticketing system was ensured through regular audits by the Directorate of Department of Electronics and IT.
"Security audit of e-ticketing system is undertaken bi-annually and all sensitive data like passwords are stored in encrypted form. In addition to this, 24x7 monitoring of the system is done throughout the year by experts."
The matter came to light when the Cyber Cell of the Mumbai Police informed IRCTC that a large volume of data from its website was stolen.
The IRCTC website contains vital information pertaining to passengers who book train tickets and avail other services.
--IANS
av/bimr/mr
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Smart Quarterly
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app