Indian Railways denies IRCTC data breach but launches investigation

On December 28, the railways had submitted a data breach alert of the Indian Computer Emergency Response Team (Cert-In) to IRCTC

The Indian Railways on Thursday denied claims of a suspected data breach from servers of the Indian Railway Catering and Tourism Corporation (IRCTC).

"In this connection, it may be submitted that Railway Board had shared a possible data breach incident alert of CERT-In to IRCTC reporting a data breach pertaining to Indian Railways passengers," it said in a statement, as reported by PTI. 

"On analysis of sample data, it is found that the sample data key pattern does not match with IRCTC history API. Reported/suspected data breach is not from the IRCTC servers," it added.

However, the railways announced that