fbpx
Thu.- Tue. (10.00 – 18:00) Wednesday CLOSED
      Customer

Login

Sign Up

After creating an account, you'll be able to track your payment status, track the confirmation and you can also rate the tour after you finished the tour.
Username*
Password*
Confirm Password*
First Name*
Last Name*
Email*
Phone*
Country*
* Creating an account means you're okay with our Terms of Service and Privacy Statement.

Already a member?

Login
Thu.- Tue. (10.00 – 18:00) Wednesday CLOSED
      Customer

Login

Sign Up

After creating an account, you'll be able to track your payment status, track the confirmation and you can also rate the tour after you finished the tour.
Username*
Password*
Confirm Password*
First Name*
Last Name*
Email*
Phone*
Country*
* Creating an account means you're okay with our Terms of Service and Privacy Statement.

Already a member?

Login

Breach at Indian airline SpiceJet affects 1.2 million passengers

SpiceJet, one of India’s largest privately-owned airlines, suffered a data breach involving the details of more than a million of its passengers, a security researcher told TechCrunch.

The security researcher, who described their actions as “ethical hacking” but whom we are not naming as they likely fell afoul of U.S. computer hacking laws, gained access to one of SpiceJet’s systems by brute-forcing the system’s easily guessable password. An unencrypted database backup file on that system contained private information of more than 1.2 million passengers of the budget-carrier last month, TechCrunch has learned.

Each record included details such as the name of the passenger, their phone number, email address and their date of birth, the researcher told TechCrunch. Some of these passengers were state officials, they said. The database included a rolling month’s worth of flight information and details of each commuter, they said, adding that they believe that the database was easily accessible for anyone who knew where to look.

The researcher alerted SpiceJet about the database but said they never received a meaningful response. TechCrunch reviewed a sample of the passenger list as well as the researcher’s email correspondence with SpiceJet representatives.

The researcher later alerted CERT-In, a government-run agency in India that handles cybersecurity threats in the nation. The agency confirmed the security lapse and alerted SpiceJet, which has since taken the necessary measures to protect the database.

An airline spokesperson said in a statement, “at SpiceJet, safety and security of our fliers’ data is sacrosanct. Our systems are fully capable and always up to date to secure the fliers’ data which is a continuous process. We undertake every possible measure to safeguard and protect this data and ensure that the privacy is maintained at the highest and safest level.”

SpiceJet commands roughly 13% of the market share in India, which is the fastest-growing aviation market globally. The airline flies more than 600 planes each day, including several that connect India to foreign regions such as Dubai and Hong Kong. About 12 million people in India fly each month.

Leave a Reply