Skip to main content

SpiceJet Database Breach Exposed Details of 1.2 Million Passengers: Report

SpiceJet was reportedly affected by a security flaw that exposed private details of more than 1.2 million passengers, including flight information. The information is said to have been found in an unencrypted database file after a security researcher gained access to a SpiceJet system by brute forcing the password. For now, details about the hack remain scarce, and the low-cost Indian airline has not revealed much in the boilerplate statement it provided in response to the report.

As reported by TechCrunch, the breach was by a security researcher who the publication is not naming, as they likely violated US computer hacking laws. The report elaborates to claim the researcher gained access to one of SpiceJet’s systems by brute-forcing what’s being termed as an “easily-guessable password.” The system contained an unencrypted backup file with private details of over 1.2 million passengers, as of last month, including a rolling month’s worth details such as name, phone number, email address, date of birth, and flight information.

The report adds the researcher had described their breach as “ethical hacking”, and had contacted SpiceJet, but never received a “meaningful response” from the airline. It was only after the Ministry of Electronics and Information Technology’s (MeitY) Indian Computer Emergency Response Team (CERT-In) was notified, independently confirmed the researcher’s findings, and then alerted SpiceJet, that the breach was fixed.

Gadgets 360 reached out to SpiceJet spokesperson to comment on the security flaw. With the researcher themselves being reported to breach the system and gaining access to the database, the security lapse could perhaps be better termed as a vulnerability than a breach itself. It remains uncertain whether the data was leaked, or the ‘ethical hackers’ ensured that the database didn’t get into the wrong hands, and responsibly saw that the issue was fixed.

We received a boilerplate statement from a SpiceJet in response to our query, without confirming the breach, saying, “At SpiceJet, safety and security of our fliers’ data is sacrosanct. Our systems are fully capable and always up to date to secure the fliers’ data which is a continuous process. We undertake every possible measure to safeguard and protect this data and ensure that the privacy is maintained at the highest and safest level.”

Editor’s note: A previous version of this article stated that SpiceJet has confirmed to TechCrunch that the security lapse took place. The publication has since modified the article to remove all mentions of the confirmation, and we’ve made changes to reflect this upon clarification from SpiceJet.

This post “SpiceJet Database Breach Exposed Details of 1.2 Million Passengers: Report” is originally from NDTV Gadgets – Latest published on 2020-01-30 17:15:17. Hope you have liked the post. Don’t forget to share it using the social share buttons below this post.

Hows.in is an online portal where you will find such tech updates daily.

Follow us on Twitter @hows_in for all tech news and updates daily.



source https://hows.in/spicejet-database-breach-exposed-details-of-1-2-million-passengers-report/

Comments

Post a Comment

Popular posts from this blog

iOS Copy-Paste Data Vulnerable to Snooping by Other Apps: Researchers

When it comes to data privacy and security, Apple has rarely shied away from taking credit for its encryption and security. Even in the tech industry, analysts have time to time lauded the company for its relatively secure operating system when compared to its immediate competitors. But now an alleged flaw in its ecosystem, exposed by two researchers, may allow personal data in Apple’s iPad and iPhone devices to be intercepted. According to Talal Haj Bakry and Tommy Mysk, when a user copies any miscellaneous data, it gets stored on Apple’s general pasteboard (commonly known as clipboard). This data temporarily stored to the device’s memory can be accessed by all apps, thereby, risks revealing private information such as a user’s GPS coordinates, passwords and banking details. “iOS and iPad operating system apps have unrestricted access to the system-wide general pasteboard,” the duo noted in a post published on Monday. They added saying, “A user may unwittingly expose their precise ...
Post a Comment
Read more

Best hair removal creams for men to buy online in India

List of best hair removal creams for men to buy online in India . We have reviewed 9827 hair removal creams for men online and crafted the list of top 10 hair removal creams for men . You must checkout the list if you planning to buy a hair removal creams for men online. source https://hows.in/best-hair-removal-creams-for-men-to-buy-online-in-india/
Post a Comment
Read more

Personal Agenda with Naezy: “Asli hip-hop is staying true to your roots and rapping your heart out!”

Date of birth: August 10 Sunsign :Leo Place of birth: Mumbai Hometown: Mumbai School/college: St. Joseph High School, Kurla/ Rizvi College, Mumbai & Guru Nanak Khalsa College, Mumbai High point of your life: The recent release of my first album, Maghreb Low point of your life: Taking a year-long sabbatical from music Define Naezy in three original lines. Naezy, Naved ka bhavishya hai, ek asaadharan roop hai, jiska ek maksad hai aur woh hai inquilab What’s asli hip-hop according to you? Staying true to your roots and rapping your heart out! Tell us the best and worst thing about the hip-hop scene in Mumbai. The best part is the fact that it’s original and authentic, the worst is that it’s too hyped. Name the most underrated rapper in India today? Prabhdeep. Movie: Rang De Basanti (2006) Comfort food: Anything with lots of cheese and lots of meat Holiday destination: Countryside, in the UK Hindi word: Aatm-sammaan Indian hip-hop artist: Mawali And the ...
Post a Comment
Read more