News Update

India’s Akasa Air exposed thousands of consumers’ private data


Because of a technical malfunction that crippled its login and sign-up service, Akasa Air, India’s newly founded airline that began operations earlier this month, exposed the personal data of thousands of its clients. Ashutosh Barot, a cybersecurity researcher, uncovered the exposed data, which includes full names, genders, email addresses, and phone numbers of consumers signing up and logging in on the Akasa Air website. On August 7, the researcher discovered an HTTP request revealing the data minutes after visiting Akasa Air’s website. He attempted to call the security personnel at the Mumbai-based airline directly at first but was unsuccessful.

“I contacted the airline using their official Twitter account, asking for an email address to report the problem.” They provided me with the info@akasa email address, which I did not share the vulnerability information with because it may be handled by support employees or third-party suppliers. So I emailed them again, this time asking [the airline] for [the] email address of someone on their security staff. “I didn’t hear anything else from Akasa,” the researcher stated. When we contacted Akasa Air, they responded swiftly and acknowledged that the issue had put 34,533 unique customer details in danger. The airline further stated that the exposed data did not include any trip or payment details.

Akasa Air Jet

Akasa Air suspended its sign-up service after learning about the occurrence. The airline also stated that it had installed additional measures before resuming broad public service. Furthermore, the airline stated that it conducted additional checks to verify the security of all its systems. Akasa Air reported the incident to India’s official cybersecurity body CERT-In and notified affected customers in a statement released on Sunday. Because of the data vulnerability, it is recommended users “be wary of possible phishing attempts.” It was also determined that there was no “unwanted rise in access” to the data.“At Akasa Air, system security and customer information protection are of the utmost importance, and our goal is to constantly provide a secure and dependable client experience.” While numerous protocols are in place to prevent such accidents, we have taken further steps to ensure that the security of all our systems is reinforced even further. “We will continue to maintain our comprehensive security protocols, working with partners, researchers, and security professionals wherever possible to strengthen our systems,” said Anand Srinivasan, Co-Founder and Chief Information Officer at Akasa Air.

“I am delighted the airline addressed the problem quickly and reported it to CERT-In, as well as alerted its customers about the occurrence,” the researcher stated.

 

Also Read

Follow Startup Story

Related Posts
  • January 10, 2025,
Abhinandan Narayan Joins Revfin as Chief Business…

Leadership
  • January 10, 2025,
NRAI May Approach CCI Over Zomato, Swiggy’s…

News
  • January 10, 2025,
NOOE Breaks Records on Shark Tank India…

Shark Tank India Season 4
  • January 9, 2025,
Zaggle Inks Pact to Offer SaaS Solutions…

Fintech
Startup story is a platform designed to promote businesses and entrepreneurs, prioritising ventures that are left overlooked and unrecognised in the Indian startup ecosystem i.e the startups from tier 2, tier 3 and tier 4 cities but are progressively succeeding. Startup Story becomes their voice by sharing their journey and business ideas to a greater audience using various verticals including articles, podcast, storytelling, video Interviews, e-newspaper and magazine.
Startup Story
More Services
Company
Terms and Condition     Privacy policy         Support Us
© Startup Story Private Limited. All Rights Reserved.