13.9 C
London
Wednesday, September 28, 2022

India’s Akasa Air has exposed sensitive data of thousands of customers – londonbusinessblog.com

Must read

Meet Dick Van Dyke’s Oldest Daughter, Carrie Beth Van Dyke – Some Of Her Unknown Facts

Carrie Beth Van Dyke is an American actress and star child. She is widely popular as the Hollywood legend's third child Dick Van...

IRCTC concludes agreement to tourist spots of Chhattisgarh . to promote

The Chhattisgarha Tourism Office (CTB) signed a Memorandum of Understanding (MoU) with the Indian Railway Catering and Tourism Corporation on Tuesday (IRCTC) to promote...

Self-proclaimed ‘incel’ charged with pepper-spraying women in Southern California hate attacks

SANTA ANA, Calif. — A 25-year-old man has been charged with pepper spraying women in hate attacks in Southern California, prosecutors said Tuesday.Johnny Deven...

Apple removes the app from the Russian social network VK from the App Store • londonbusinessblog.com

Apple has pulled the app from the Russian social network VK from the App Store worldwide. The social media company said the VKontakte...
Shreya Christinahttps://londonbusinessblog.com
Shreya has been with londonbusinessblog.com for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider londonbusinessblog.com team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

Akasa AirIndia’s newly launched airline that started operations earlier this month has made the personal details of thousands of its customers public due to a technical glitch affecting its login and signup service.

The exposed data, discovered by cybersecurity researcher Ashutosh Barotoincluding full names, gender, email addresses and phone numbers of customers who sign up and log in to the Akasa Air website.

The researcher found an HTTP request releasing the data minutes after looking at Akasa Air’s website on opening day on Aug. 7. He had initially tried to communicate directly with the Mumbai-based airline’s security team, but found no direct contact.

“I contacted the airline through their official Twitter account and asked them for an email address to report the issue. They gave me the email ID [email protected] to which I did not share the details of the vulnerability as it may be handled by support staff or third party vendors. So I emailed them again and asked: [the airline] to provide [the] email address of someone on their security team. I have received no further communication from Akasa,” the researcher said.

After the airline had not received a response on how to contact the security team, the researcher informed londonbusinessblog.com about the issue.

Akasa Air was quick to respond when we contacted us, acknowledging that the issue had compromised 34,533 unique customer records. The airline also said the exposed data did not include travel-related information or payment details.

When Akasa Air was notified of the incident, the sign-up service shut down. The airline also said it has added additional checks before resuming its service to the general public.

In addition, the airline told londonbusinessblog.com that it has conducted additional assessments to ensure the security of all of its systems.

Akasa Air reported the incident to the Indian cybersecurity agency CERT-In and informed the affected users through a statement that it also made public on Sunday. It advised users to “be aware of possible phishing attempts” because of the data exposure. It further confirmed to londonbusinessblog.com that it did not see an “unwanted spike in access” to the data.

“At Akasa Air, system security and protecting customer information is paramount, and our focus is to always provide a safe and reliable customer experience. While there are extensive protocols in place to prevent such incidents, we have taken additional measures to ensure that the security of all our systems is further enhanced. We will continue to maintain our robust security protocols and, where appropriate, work with partners, researchers and security experts from whom we can take advantage to strengthen our systems,” said Anand Srinivasan, co-founder and Chief Information Officer at Akasa Air, in a statement. drawn up.

“I am pleased that the airline resolved the issue at short notice and reported it to CERT-In and informed its customers about the incident, which is an exemplary step,” said the researcher.

Incidents of data exposure and leaks are becoming more common in India, which earlier this month repealed the latest iteration of its data protection law. A number of domestic companies in the country also do not have special programs to reward and encourage researchers who help find flaws in their systems.


More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Meet Dick Van Dyke’s Oldest Daughter, Carrie Beth Van Dyke – Some Of Her Unknown Facts

Carrie Beth Van Dyke is an American actress and star child. She is widely popular as the Hollywood legend's third child Dick Van...

IRCTC concludes agreement to tourist spots of Chhattisgarh . to promote

The Chhattisgarha Tourism Office (CTB) signed a Memorandum of Understanding (MoU) with the Indian Railway Catering and Tourism Corporation on Tuesday (IRCTC) to promote...

Self-proclaimed ‘incel’ charged with pepper-spraying women in Southern California hate attacks

SANTA ANA, Calif. — A 25-year-old man has been charged with pepper spraying women in hate attacks in Southern California, prosecutors said Tuesday.Johnny Deven...

Apple removes the app from the Russian social network VK from the App Store • londonbusinessblog.com

Apple has pulled the app from the Russian social network VK from the App Store worldwide. The social media company said the VKontakte...

VRAI aims to tackle the energy crisis by bringing VR simulation training to the offshore wind sector • londonbusinessblog.com

Virtual Reality (VR) has struggled to move too far outside of gaming circles and specific industrial use cases like medical training, but with the...