IBT reports:
For last the few years, Indian Railways Catering & Tourism Corporation (IRCTC) has made headlines for wrong reasons particularly related customer data leaks on its websites and how slow it takes time to fix it. And yet, the state-run firm seems to have learnt any lessons, as a new report has emerged that there is a flaw in the IRCTC that would allow hackers to cancel train tickets of the passenger without notice.
Fossbytes citing Ronnie T Baby, a cybersecurity enthusiast and a student at Karunya University has claimed that IRCTC despite having Captcha, a protocol to differentiate a human from a computer-based cyber attack is still vulnerable to hacking and cause inconvenience to the consumers. Thanks to innumerable attempts options to reset a password for the ticket bookers, a cybercriminal can use brute-force technique to crack open their account and cancel the booked tickets.
Read more on International Business Times.
This is not the first time security concerns involving IRCTC have appeared on this site.