Akasa Air exposed personal data of its passengers

The company apologised for this incident and assured that no travel-related or payment information of the customers was compromised.

August 29, 2022 07:30 pm | Updated 07:37 pm IST

A plane from India’s newest airline Akasa Air prepares for take off from the Chhatrapati Shivaji Maharaj International Airport, in Mumbai

A plane from India’s newest airline Akasa Air prepares for take off from the Chhatrapati Shivaji Maharaj International Airport, in Mumbai | Photo Credit: SHASHANK PARADE

India’s newest airline, Akasa Air, exposed personal identity data including names, email IDs and phone numbers of its customers.

(Sign up to our Technology newsletter, Today’s Cache, for insights on emerging themes at the intersection of technology, business and policy. Click here to subscribe for free.)

A technical error in our login and sign-up service reported on Thursday exposed personal data like names, gender, email addresses and phone numbers of some passengers which may have been viewed by unauthorized individuals, the airline acknowledged in a statement.

The company apologised for this incident and assured that no travel-related or payment information of the customers was compromised.

It has reported the incident to CERT-In, the Government authorised nodal agency tasked to deal with such incidents.

It has also stopped this unauthorised access by completely shutting down the associated functional elements of their system, added additional controls to address this and resumed their login and sign-up services.

This issue was first discovered by cybersecurity researcher Ashutosh Barot on August 7, the day when the airline started its flight operations.

He warned about this in a blog and explained how he could access user’s personal information like contacts, while he explored the airline’s security system for bugs.

Top News Today

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.