Trending

ee-track">
Link copied!

Toll Plaza Data Exposure

Cyble's Research on misconfigured servers that could risk exposing FASTag toll booth data.

December 28, 2021 · 1 min read
Toll Plaza Data Exposure

FASTag is a toll collection system in India based on Radio Frequency Identification (RFID) technology. FASTag directly makes payments from the bank account to the toll plaza without stopping for transactions.

Cyble Research Labs found a publicly exposed website containing plain text data of an unidentified toll plaza. The exposed website has information related to transactions, vehicle registration, vehicle type, tag ID, digital signature, etc., used for transactions.

Figure 1 shows the website containing the configuration data of the website.

Cyble-Toll-Plaza-Leak-1
Figure 1: The website containing the configuration data of the website

The folder XmlFiles contains data related to the various transections starting from 27 August 2021 till 27 December 2021, as shown in Figure 2.

Cyble-Toll-Plaza-Leak
Figure 2: The various transections

We found that the folder contains XML files containing data related to FASTag transactions during our analysis.

The following information is present in the XML files:

  • Plaza ID
  • Vehicle Tag ID
  • Vehicle Class
  • Vehicle Registration Number
  • Digital Signature Information

The XML file containing further details is shown in Figure 3.

 Cyble-Toll-Plaza-Leak
Figure 3: The further details from the leak

Conclusion

This data exposure poses third-party risks. Though the risk level is relatively low, attackers could potentially leverage the exposed data to carry out social engineering attacks.

Our Recommendations

Following essential cybersecurity best practices creates the first line of control against attackers. We recommend that our readers follow the best practices given below:

  • Regularly monitor your public-facing network assets.
  • External APIs should implement authentication measures to keep critical data confidential.
  • Regularly perform audits and Vulnerability Assessment and Penetration Testing (VAPT) of organizational assets, including network and software.
  • Implement strict Identity and Access Management (IAM) policy.

AI Threat Intelligence

Stop Executive Threats
Before They Strike

Monitor dark web chatter, detect lookalike domains, and protect your C-suite from targeted impersonation — in real time, across 50+ countries.

Scroll to Top

Book your session

Request a Personalized Demo

See how Cyble's threat intelligence protects your organization. A specialist will reach out within one business day.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams

Download the brochure

Get the Cyble Vision Brochure

Explore how Cyble Vision delivers AI-powered threat intelligence across your attack surface. Fill in your details to access the brochure.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams