SpiceJet Data Breach Exposes Data Of 1.2 Mn Passengers

SpiceJet Data Breach Exposes Data Of 1.2 Mn Passengers

SUMMARY

Security researchers accessed the database by using easily guessable password combinations

Personal data of the fliers was stored in an unencrypted database backup file

Personal information such as name, phone number, and email address was compromised

While data breaches are common for internet companies, a new data breach has affected one of India’s largest airlines, SpiceJet. According to TechCrunch, the latest data breach compromised personal details of 1.2 Mn passengers of SpiceJet.

On how the breach occurred in the first place, security researchers said that they got access to SpiceJet’s database by using easily guessable password combinations. The personal data of passengers was stored in an unencrypted database backup file, according to the security researchers who work as white-hat security professionals aka ethical hackers.

Personal information of passengers including names, phone numbers, email addresses, and dates of birth was stored in the database. Additionally, information related to SpiceJet flights was also easily accessible for anyone who knew where to look, the security researchers added. The leaked information also includes personal details of government officials.

Does SpiceJet Value Personal Data?

The security experts further said that they had approached SpiceJet about the data breach but much to their surprise, the company never sent an appropriate response to the discovery.

With SpiceJet not taking any serious action towards the data breach, the researchers then alerted the Indian Computer Emergency Response Team (CERT-In). The nodal body commissioned for preventing cybersecurity attacks in India then alerted SpiceJet about the breach. It was after CERT-In’s alert that finally got SpiceJet to take action and secure the database.

In response to the data breach, SpiceJet said that it respects the safety and security of its fliers’ data. “Our systems are fully capable and always up to date to secure the fliers’ data which is a continuous process,” the airline company added. SpiceJet has a market share of 13% in India’s aviation market and it flies around 600 aeroplanes each day on average.

In India, the number of data breaches have ramped up in the past few years. According to a new Data Security Council of India (DSCI) report, India has been identified as the second most cyberattacks affected country between 2016 to 2018. Besides the like of large internet organisations such as WhatsApp, Facebook, and Google, companies such as OnePlus and JustDial have also faced the wrath of data breaches.

In November 2019, Chinese smartphone maker OnePlus had announced a security breach that affected some of its users, including India and other countries. On the other hand, a major security flaw was found on the mobile application of Indian hyperlocal search engine JustDial in October 2019.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

SpiceJet Data Breach Exposes Data Of 1.2 Mn Passengers-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

SpiceJet Data Breach Exposes Data Of 1.2 Mn Passengers-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

SpiceJet Data Breach Exposes Data Of 1.2 Mn Passengers-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

SpiceJet Data Breach Exposes Data Of 1.2 Mn Passengers-Inc42 Media
SpiceJet Data Breach Exposes Data Of 1.2 Mn Passengers-Inc42 Media
You’re in Good company