A glitch in the login page revealed sensitive personal data of 34,533 passengers, and was first detected by tech researcher Ashutosh Barot on August 7
Newly launched airline firm Akasa Air has already run into some problems, with independent cybersecurity researcher Ashutosh Barot discovering a glitch in the login and sign-up service that exposed the sensitive, personal data of 34,533 unique customer records.
Barot had tried to reach out to Akasa Air directly via its social media handles, but was not provided with a cybersecurity contact and was told to discuss any issues with the standard email contact, info@akasa.
However, when he finally decided to provide the story and reached out to Akasa for comment, the airline quickly confirmed the number of customer records put at risk by the glitch. The company also confirmed that the exposed data did not include travel-related information or payment records.
The company also shut down its sign-up service on being informed of the potential glitch.
“I am glad the airline fixed the issue on short notice and reported it to CERT-In as well as informed its customers about the incident, which is an exemplary step,” Barot said.
“While extensive protocols are in place to prevent incidents of such nature, we have undertaken additional measures to ensure the security of all our systems is even further enhanced. We will continue to maintain our robust security protocols, engaging wherever applicable with partners, researchers, and security experts from whom we can benefit to strengthen our systems,” Anand Srinivasan, Co-founder and Chief Information Officer at Akasa Air, said in a statement, as per reported by YourStory.
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics