Has Ixigo Suffered Data Breach? Still Investigating The Matter Says Company

Has Ixigo Suffered Data Breach? Still Investigating The Matter Says Company

SUMMARY

A hacker has allegedly stolen 18 Mn records from Ixigo, Techcrunch reported

Ixigo said it will confirm the matter by February 18

The company has reset user passwords, added new security measures as precautions

Gurugram-based online travel agency (OTA), Ixigo, is currently investigating the allegations of a user data breach and maintains that, as of now, “there’s nothing conclusive to show that it has actually happened”.

Techcrunch on February 12 reported that “18 million records from travel booking site Ixigo” have been stolen by a hacker as part of 127 million records it stole from eight websites. The story, which was first reported by UK-based tech news website the Register, said that users name, email addresses, scrambled passwords were leaked. Ixigo has said it will clarify the matter by Monday (February 18).

According to Techcrunch, citing hacker’s listings, Ixigo used an old and outdated MD5 hashing algorithm to scramble passwords, which hackers can easily unscramble.

“We are continuing to investigate the alleged breach and have not confirmed anything. We do not store payment, cards or financial information for any of our users. We encrypt and hash our passwords with a one-way hashing algorithm,” Ixigo’s founder Aloke Bajpai told Inc42 in an email correspondence.

Ixigo has now claimed to have already taken pre-emptive security measures, such as two-factor authentication; and have also, as a precaution, reset passwords and security tokens of its users.

Bajpai, along with cofounder Rajnish Kumar launched Ixigo in 2006 and counts Sequoia Capital India, Fosun RZ Capital, SAIF Partners as major investors. The startup claims a user base of over 100 million, as of October 2018. Ixigo allows users to compare and book from more than 120 travel suppliers and OTAs across flights, hotels, trains, cabs and destinations.

Data is being widely touted as the new oil, and as a result it has become very lucrative for hackers to steal it and sell it. Earlier, online food delivery startup Zomato, and FreshMenu, fintech startup EarlySalary, McDonald’s India, Ashley Madison, Sony, and many others have been the victims of data breaches.

Presently, there is no specific legislation that deals with data protection. However, with the growing concern over rising cases of data breaches, the Ministry of Electronics and Information Technology (MeitY) has formulated a Draft Personal Data Protection Bill, 2018. The Bill, once enacted, prescribes penalties up to INR 5 Cr ($700.9K) and can go up to INR 15 Cr ($2.1 Mn) for violations such as processing of personal data, etc.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
Unlock 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
Unlock 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Has Ixigo Suffered Data Breach? Still Investigating The Matter Says Company-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Has Ixigo Suffered Data Breach? Still Investigating The Matter Says Company-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Has Ixigo Suffered Data Breach? Still Investigating The Matter Says Company-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Has Ixigo Suffered Data Breach? Still Investigating The Matter Says Company-Inc42 Media
Has Ixigo Suffered Data Breach? Still Investigating The Matter Says Company-Inc42 Media
You’re in Good company