In November 2019, the website for Indian Rail left more than 2M records exposed on an unprotected Firebase database instance. The exposed data included 583k unique email addresses alongside usernames and passwords stored in plain text.
Accounts breached: 583377
Breached on: October 28, 2019
Exposed data: Email addresses, Passwords, and Usernames
Domain: indianrails.in
Added on: January 10, 2020