New Delhi, Jan 31 (SocialNews.XYZ) A data breach has hit one of India's largest privately-held carriers, SpiceJet, affecting 1.2 million passengers in the country.
Security researchers who first revealed the data breach told TechCrunch that they gained access to the carrier's systems by brute-forcing the system's easily guessable password.
In a statement, SpiceJet said: "At SpiceJet, safety and security of our fliers' data is sacrosanct. Our systems are fully capable and always up to date to secure the fliers' data which is a continuous process. We undertake every possible measure to safeguard and protect this data and ensure that the privacy is maintained at the highest and safest level".
The private information of more than 1.2 million passengers were contained on an unencrypted database backup file of SpiceJet's systems, according to the report.
The details that the security researchers got access to as part of what they described as their "ethical hacking" efforts included the passenger's name, their phone number, email address and their date of birth.
Acording to the security researchers, the database was easily accessible to everyone who knew where to look.
Despite alerting SpiceJet about the data base, the researchers said they did not receive a meaningful response from the carrier.
This led them to alert the Indian Computer Emergency Response Team (CERT-In).
The aviation major, however, did not confirm CERT-In's findings.
Source: IANS
Gopi Adusumilli is a Programmer. He is the editor of SocialNews.XYZ and President of AGK Fire Inc.
He enjoys designing websites, developing mobile applications and publishing news articles on current events from various authenticated news sources.
When it comes to writing he likes to write about current world politics and Indian Movies. His future plans include developing SocialNews.XYZ into a News website that has no bias or judgment towards any.
He can be reached at gopi@socialnews.xyz
This website uses cookies.
