IRCTC bug: Student detects HUGE flaw, saves data of millions of users | Tech News
Home Tech Tech News IRCTC bug: Student detects HUGE flaw, saves data of millions of users

IRCTC bug: Student detects HUGE flaw, saves data of millions of users

IRCTC bug: A student in Chennai has discovered a dangerous flaw in IRCTC website while booking train tickets. He saved data of millions of users from being leaked by hackers.

By: HT TECH
| Updated on: Aug 21 2022, 20:32 IST
Icon
IRCTC Bug
IRCTC bug: The IRCTC bug was revealed by a student and it has helped resolve a security vulnerability in the IRCTC online ticketing platform that is used by millions of Indians. The IRCTC website was fixed thereafter. (Pixabay)
IRCTC Bug
IRCTC bug: The IRCTC bug was revealed by a student and it has helped resolve a security vulnerability in the IRCTC online ticketing platform that is used by millions of Indians. The IRCTC website was fixed thereafter. (Pixabay)

In what will bring welcome relief to officials, a teenager detected a dangerous flaw on IRCTC website. The youngster detected the IRCTC bug while using the IRCTC system to book a train ticket. Thankfully, the teenager acted as a good Samaritan and alerted the authorities. The IRCTC flaw was reportedly fixed within five days of him reaching out to highlight the issue.

The presence of this IRCTC bug was revealed by a 17-year-old student in Chennai and it has helped resolve a security vulnerability in the Indian Railway Catering and Tourism Corporation (IRCTC) online ticketing platform that is used by millions of Indians. The early detection by the enthusiast reportedly resulted in the flaw being patched before it could be misused by malicious actors that could have exposed personal data of most IRCTC users.

Also read: Looking for a smartphone? Check Mobile Finder here.

The IRCTC bug was spotted by P Renganathan, who is currently studying in standard 12 at Tambaram, as reported by The Hindu. Renganathan was using the IRCTC portal some time ago to book a ticket when he found certain security vulnerabilities that could have led to personal information of this website's users being leaked online.

According to the report, Renganathan found the most critical Insecure Object Direct References (IDOR) vulnerability, which he was able to use to access personal information such as a passenger's age, their name, PNR details and departing times along with date and time of the journey. Interestingly, Renganathan's disclosure to the Computer Emergency Response team (CERT-In) was on August 30, and a ticket was raised within minutes, while the IRCTC resolved the issue within five days, the report said.

“Since the back-end code is the same, a hacker would have been able to order food, change the boarding station and even cancel the ticket without the knowledge of the bona fide passenger,” Renganathan explained to The Hindu. He also added that domestic tourism and international travel, along with bus and hotel booking could be found in a user's profile, which could mean millions of passengers could have lost their data in a breach.

The report states that Renganathan has also received acknowledgement for helping resolve security flaws with products from Nike, Lenovo LinkedIn and the United Nations.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 21 Sep, 16:45 IST
Tags:
Trending: bored of your instagram explore feed? here’s how you can change, reset it mrbeast vs t-series: popular youtuber on the verge of surpassing indian music label in subscribers whatsapp update: new ‘private mention’ feature for status updates coming soon- details google wallet introduces 'linked passes' setting: what is it and how to use the new feature how to hide your instagram online status from others solar storm alert: cme could hit earth and spark a geomagnetic storm today, says noaa how to change whatsapp font style and font size in chat window google reorganizes android, chrome and pixel teams; deepmind to now handle ai development how to view saved wifi password on android - with and without root 54 chinese apps banned in india including garena free fire, applock! check full list of banned apps here
NEXT ARTICLE BEGINS

Tips & Tricks

WhatsApp banned
WhatsApp banned my number. What’s the solution? Step-by-step guide to ‘unban’ your account
Consider Tonnage
Don't forget these 5 things while buying ACs online
Productivity
Otter AI: How to use this AI meeting assistant app to automatically take notes, transcripts, more
Pixel 8 Pro's Pro
Know how to master Pro Controls on the Google Pixel 8 Pro - check top 4 tips
ChatGPT Plus
How to edit images generated by DALL-E in ChatGPT: Step-by-step guide

Editor’s Pick

Digi Yatra
Digi Yatra users, delete the old app right now- Here’s how to download the new app and use it at airports
iPhone 15
iPhone 16 leaks summarised: Colours, A-series chip and what more to expect from Apple in 2024
STScI-01HFQ5YXZ04PF608HQB0KRTF3S
10 stellar images shot by NASA’s $10 billion James Webb Space Telescope
HDFC Bank alerts about a few common ‘bad habits’ of smartphone users that make it easy for them to fall prey to hacking attempts and scams.
Online scams: 5 habits of smartphone users that make life easy for hackers, warns HDFC Bank
Moto Edge 50 Pro
Motorola Edge 50 Pro review: Should you buy this new AI smartphone under 35,000?

Trending Stories

Dbrand
MKBHD takes tough stand after Dbrand makes racist comment on Indian customer [Update]
GTA_6
GTA 6 leaks: What we know so far about Grand Theft Auto 6
STScI-01HFQ5YXZ04PF608HQB0KRTF3S
10 stellar images shot by NASA’s $10 billion James Webb Space Telescope
Google Vids
Google Vids- All details about this new AI video app and how to use it
iPhone 13
Apple iPhone 13 available at discounted price of Rs. 52,990 on Amazon- Check details
keep up with tech

Gaming

Free Fire Max release date
Garena Free Fire MAX Redeem Codes for April 20: Avatars, weapons skins and more on offer
Garena Free Fire redeem codes for April 20
Garena Free Fire Redeem Codes for April 20: Tips and tricks to become pro player earlyUntitled Story
GTA 6: From main protagonists to supporting figures, all the key characters in Grand Theft Auto 6
GTA 6: From main protagonists to supporting figures, all the key characters in Grand Theft Auto 6
Garena Free Fire MAX Redeem Codes for April 19
Garena Free Fire MAX Redeem Codes for April 19: SCAR Ring event bring menacing weapon skins!
Garena Free Fire Redeem Codes for April 19
Garena Free Fire Redeem Codes for April 19: OB44 update rolled out, know what’s new

Best Deals For You

10 best coding and programming laptops
Best laptops for programming: From ASUS, HP to Dell: Check out the 10 ultimate code companions
Realme Narzo N53
Realme phones under 20000: Check Realme 11, Realme Narzo 60, Realme Narzo 50, more
Revolutionary Sound Experience
Premium TWS Noise Buds Xero launched with adaptive noise cancellation, Sound+ Algorithm
iQOO 12
iQOO anniversary offers on iQOO 12, iQOO Neo 9 Pro and more announced; Check details
POCO Unveils Green Variants
POCO unveils vibrant green variants of POCO M6 5G and POCO C65 exclusively on Flipkart

    Trending News

    MKBHD takes tough stand after Dbrand makes racist comment on Indian customer [Update]
    Dbrand
    GTA 6 leaks: What we know so far about Grand Theft Auto 6
    GTA_6
    10 stellar images shot by NASA’s $10 billion James Webb Space Telescope
    STScI-01HFQ5YXZ04PF608HQB0KRTF3S
    Google Vids- All details about this new AI video app and how to use it
    Google Vids
    Apple iPhone 13 available at discounted price of Rs. 52,990 on Amazon- Check details
    iPhone 13

    Trending Gadgets

    Mobiles Laptops Tablets