The Next Web Reportedly, cyber-security firm Safety Detectives The team of ReSurers first spotted the Elasticsearch server on 10 August. The team found that the affected server was accessible for several days without any encryption and password protection. Safety Detective stated in its blog that anyone can access this entire database with the server’s IP address.
The blog also informed that 43 GB of data is available on the server, in which most users are Indians. The firm estimated that more than 7 million people may be affected by the platform’s drawback.
A company spokesperson in this regard claimed that he does not store “financial and other sensitive data”. He said that he does not store credit card details on the server. Apart from this, the spokesperson also informed that only one day’s data is stored on the Rail Yatri server, data older than 24 hours is automatically deleted. In such a situation, they have denied the data leaked information of more than 7 lakh people.
In a blog post, Safety Detective informed that on August 12, the Meow bot has deleted almost the entire server’s data. Meow bot is a new type of cyber-attack, which deletes insecure databases running on Elasticsearch, Redis or MongoDB servers servers.