Skip to main content

SpiceJet Database Breach Exposed Details of 1.2 Million Passengers: Report

SpiceJet was reportedly affected by a security flaw that exposed private details of more than 1.2 million passengers, including flight information. The information is said to have been found in an unencrypted database file after a security researcher gained access to a SpiceJet system by brute forcing the password. For now, details about the hack remain scarce, and the low-cost Indian airline has not revealed much in the boilerplate statement it provided in response to the report.

As reported by TechCrunch, the breach was by a security researcher who the publication is not naming, as they likely violated US computer hacking laws. The report elaborates to claim the researcher gained access to one of SpiceJet’s systems by brute-forcing what’s being termed as an “easily-guessable password.” The system contained an unencrypted backup file with private details of over 1.2 million passengers, as of last month, including a rolling month’s worth details such as name, phone number, email address, date of birth, and flight information.

The report adds the researcher had described their breach as “ethical hacking”, and had contacted SpiceJet, but never received a “meaningful response” from the airline. It was only after the Ministry of Electronics and Information Technology’s (MeitY) Indian Computer Emergency Response Team (CERT-In) was notified, independently confirmed the researcher’s findings, and then alerted SpiceJet, that the breach was fixed.

Gadgets 360 reached out to SpiceJet spokesperson to comment on the security flaw. With the researcher themselves being reported to breach the system and gaining access to the database, the security lapse could perhaps be better termed as a vulnerability than a breach itself. It remains uncertain whether the data was leaked, or the ‘ethical hackers’ ensured that the database didn’t get into the wrong hands, and responsibly saw that the issue was fixed.

We received a boilerplate statement from a SpiceJet in response to our query, without confirming the breach, saying, “At SpiceJet, safety and security of our fliers’ data is sacrosanct. Our systems are fully capable and always up to date to secure the fliers’ data which is a continuous process. We undertake every possible measure to safeguard and protect this data and ensure that the privacy is maintained at the highest and safest level.”

Editor’s note: A previous version of this article stated that SpiceJet has confirmed to TechCrunch that the security lapse took place. The publication has since modified the article to remove all mentions of the confirmation, and we’ve made changes to reflect this upon clarification from SpiceJet.

This post “SpiceJet Database Breach Exposed Details of 1.2 Million Passengers: Report” is originally from NDTV Gadgets – Latest published on 2020-01-30 17:15:17. Hope you have liked the post. Don’t forget to share it using the social share buttons below this post.

Hows.in is an online portal where you will find such tech updates daily.

Follow us on Twitter @hows_in for all tech news and updates daily.



source https://hows.in/spicejet-database-breach-exposed-details-of-1-2-million-passengers-report/

Comments

Post a Comment

Popular posts from this blog

China sees app downloads surge in virus side-effect

NEW DELHI : Confined to their homes because of the coronavirus epidemic, millions of people in China are turning to mobile games and apps to break the monotony and to work as well, handing a surprise boost to app developers. China recorded 222 million downloads of various games and apps from Apple’s App Store since 2 February, according to app analytics firm App Annie. That was 40% more than the average weekly downloads in 2019, according to the company. While mobile games topped the list of downloads, there was also a significant increase in the download of apps related to education, entertainment, video and business. However, a similar spike in downloads of games and apps wasn’t seen in neighbouring countries such as South Korea and Japan, according to App Annie. Oliver Jones, co-founder and director of Bombay Play, a Bengaluru-based game developer, doesn’t find it surprising. “The most number of downloads and active usage occur during vacations, resulting in great monetizat
Post a Comment
Read more

HT Brunch Cover Story: Meet Bollywood’s own Miss Sunshine, Jacqueline Fernandez!

We look before and after, And pine for what is not: Our sincerest laughter With some pain is fraught -PB Shelly Jacqueline Fernandez Bollywood’s own Little Miss Sunshine whether she is sweating it out in the gym, or prepping for dance numbers, going for her morning horse riding sessions or just letting her hair down with her friends and co-actors, she is always resplendent. It seems if happiness had an Instagram account, it would look very similar to Jacqueline’s. But, is this instagrammed life, this joie de vivre, really real? Is it even possible for a girl living all alone so far away from her family and having such a highly-stressful job to be perpetually inside a happy bubble? I have always wondered. “It is not that I am consistently happy. I am consistently at peace with myself.” So, as the spunky actor plonks herself on the sofa wearing a casual white tee and black sweatpants, greeting me with her trademark smile and bouncy ponytail, I can’t help but ask her “Are you re
Post a Comment
Read more

SpiceJet data breach affects 1.2 million passengers: Report | BGR India

A data breach has hit one of India’s largest privately-held carriers, SpiceJet, affecting 1.2 million passengers in the country. Security researchers who first revealed the data breach told TechCrunch that they gained access to the carrier’s systems by brute-forcing the system’s easily guessable password. In a statement, SpiceJet said: “At SpiceJet, safety and security of our fliers’ data is sacrosanct. Our systems are fully capable and always up to date to secure the fliers’ data which is a continuous process. We undertake every possible measure to safeguard and protect this data and ensure that the privacy is maintained at the highest and safest level”. The private information of more than 1.2 million passengers were contained on an unencrypted database backup file of SpiceJet’s systems, according to the report. The details that the security researchers got access to as part of what they described as their “ethical hacking” efforts included the passenger’s name, their phone n
Post a Comment
Read more