ShellCodeX Breach Report
Yatra Data Breach
yatra.com
Verified breach
Passwords exposed
Accounts exposed
5,033,997
Breach date
01 Sep 2013
Added to tracker
04 Jul 2018
Data classes
7
What happened
In September 2013, the Indian bookings website known as Yatra had 5 million records exposed in a data breach. The data contained email and physical addresses, dates of birth and phone numbers along with both PINs and passwords stored in plain text. The site was previously reported as compromised on the Vigilante.pw breached database directory.
Exposed data
Dates of birth
Email addresses
Names
Passwords
Phone numbers
Physical addresses
PINs
Recommended actions
- Change your Yatra password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Yatra โ attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP