8.6 C
London
Sunday, January 29, 2023

India’s Akasa Air has exposed sensitive data of thousands of customers – londonbusinessblog.com

Must read

Husband of woman accused of murdering three children asks forgiveness for wife

The husband of the woman accused of killing her three children by strangling them before attempting suicide on Tuesday in Massachusetts says he has...

VC funding for Black web3 founders surfaced last year, against trends • londonbusinessblog.com

Much hope remains after the crypto winter almost froze the sector: the Luna crash, the bankruptcy of Celsius and the arrest of FTX founder...

Katie Feeney Boyfriend: Is The Youtuber Dating Baseball Champion Jack Hurley?

Katie Feeney Boyfriend: Is The Youtuber Dating Baseball Champion Jack Hurley?...

Using the Apple HomePod’s temperature and humidity sensors

In this article, we'll discuss how to use this new feature and show you how to use it with Apple Home smart home automations.With...
Shreya Christinahttps://londonbusinessblog.com
Shreya has been with londonbusinessblog.com for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider londonbusinessblog.com team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

Akasa AirIndia’s newly launched airline that started operations earlier this month has made the personal details of thousands of its customers public due to a technical glitch affecting its login and signup service.

The exposed data, discovered by cybersecurity researcher Ashutosh Barotoincluding full names, gender, email addresses and phone numbers of customers who sign up and log in to the Akasa Air website.

The researcher found an HTTP request releasing the data minutes after looking at Akasa Air’s website on opening day on Aug. 7. He had initially tried to communicate directly with the Mumbai-based airline’s security team, but found no direct contact.

“I contacted the airline through their official Twitter account and asked them for an email address to report the issue. They gave me the email ID [email protected] to which I did not share the details of the vulnerability as it may be handled by support staff or third party vendors. So I emailed them again and asked: [the airline] to provide [the] email address of someone on their security team. I have received no further communication from Akasa,” the researcher said.

After the airline had not received a response on how to contact the security team, the researcher informed londonbusinessblog.com about the issue.

Akasa Air was quick to respond when we contacted us, acknowledging that the issue had compromised 34,533 unique customer records. The airline also said the exposed data did not include travel-related information or payment details.

When Akasa Air was notified of the incident, the sign-up service shut down. The airline also said it has added additional checks before resuming its service to the general public.

In addition, the airline told londonbusinessblog.com that it has conducted additional assessments to ensure the security of all of its systems.

Akasa Air reported the incident to the Indian cybersecurity agency CERT-In and informed the affected users through a statement that it also made public on Sunday. It advised users to “be aware of possible phishing attempts” because of the data exposure. It further confirmed to londonbusinessblog.com that it did not see an “unwanted spike in access” to the data.

“At Akasa Air, system security and protecting customer information is paramount, and our focus is to always provide a safe and reliable customer experience. While there are extensive protocols in place to prevent such incidents, we have taken additional measures to ensure that the security of all our systems is further enhanced. We will continue to maintain our robust security protocols and, where appropriate, work with partners, researchers and security experts from whom we can take advantage to strengthen our systems,” said Anand Srinivasan, co-founder and Chief Information Officer at Akasa Air, in a statement. drawn up.

“I am pleased that the airline resolved the issue at short notice and reported it to CERT-In and informed its customers about the incident, which is an exemplary step,” said the researcher.

Incidents of data exposure and leaks are becoming more common in India, which earlier this month repealed the latest iteration of its data protection law. A number of domestic companies in the country also do not have special programs to reward and encourage researchers who help find flaws in their systems.


More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Husband of woman accused of murdering three children asks forgiveness for wife

The husband of the woman accused of killing her three children by strangling them before attempting suicide on Tuesday in Massachusetts says he has...

VC funding for Black web3 founders surfaced last year, against trends • londonbusinessblog.com

Much hope remains after the crypto winter almost froze the sector: the Luna crash, the bankruptcy of Celsius and the arrest of FTX founder...

Katie Feeney Boyfriend: Is The Youtuber Dating Baseball Champion Jack Hurley?

Katie Feeney Boyfriend: Is The Youtuber Dating Baseball Champion Jack Hurley?...

Using the Apple HomePod’s temperature and humidity sensors

In this article, we'll discuss how to use this new feature and show you how to use it with Apple Home smart home automations.With...

Save $93 on this mini AI robotic arm and software

Disclosure: Our goal is to provide products and services that we believe you will find interesting and useful. If you buy them, the...