ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Yatra Data Breach

yatra.com
Significant exposure
Verified breach Passwords exposed
Accounts exposed 5,033,997
Breach date 01 Sep 2013
Added to tracker 04 Jul 2018
Data classes 7

What happened

In September 2013, the Indian bookings website known as Yatra had 5 million records exposed in a data breach. The data contained email and physical addresses, dates of birth and phone numbers along with both PINs and passwords stored in plain text. The site was previously reported as compromised on the Vigilante.pw breached database directory.

Exposed data

Dates of birth Email addresses Names Passwords Phone numbers Physical addresses PINs

Recommended actions

  • Change your Yatra password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Yatra โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP