ShellCodeX Breach Report
Indian Railways Data Breach
indianrails.in
Verified breach
Passwords exposed
Accounts exposed
583,377
Breach date
28 Oct 2019
Added to tracker
10 Jan 2020
Data classes
3
What happened
In November 2019, the website for Indian Rail left more than 2M records exposed on an unprotected Firebase database instance. The exposed data included 583k unique email addresses alongside usernames and passwords stored in plain text.
Exposed data
Email addresses
Passwords
Usernames
Recommended actions
- Change your Indian Railways password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Indian Railways โ attackers weaponise breach data quickly.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP