Cleartrip – a Flight Booking Platform owned by Flipkart hit by a major data breach

Cleartrip Data Breach

Cleartrip Data Breach

Knowing that your data of customers has been stolen is one of the worst feelings in the world.  The same phenomenon has just been felt by Cleartrip as a hefty amount of datasets have been stolen by malicious actors as a number of news and social media post snippets are crawling on the internet related to this news and common people are kept asking about the details of the hacking activity to the concerned authorities.

In a proper email to its customers, the flight giant stated, “This is to inform you that there has been a security anomaly that entailed illegal and unauthorized access to a part of Cleartrip’s internal systems.”

Cleartrip Data Breach
Official Email from Cleartrip about its Data Breach

However, Cleartrip, the Flipkart-owned air ticketing & travel platform has sincerely made assured its customers that no such sensitive information containing any crucial as better as a confidential piece of information to any user’s account details had been jeopardized due to this illicit activity, but some personal information like travel history of the customers.

Moreover, they have requested the customers to update their personal log in details just as a precautionary measure to protect their respective personal accounts from unauthorized hacking activities.  They have also stated further, “We regret the inconvenience caused.”

Also read: ‘App Permissions’ list got removed from the new ‘Data Safety’ section by Google

Further, a user also posted that a number of clients’ personal data including travel history and other crucial pieces of information have been uploaded online on a private forum (say on Dark Web) just in order to sell the data.  This Twitter post also showcased that the hacker also possessed some of the crucial internal company files along with the customers’ entries in the selling list.

Cleartrip Data Breach
Files Shown on a Private Forum by a Malicious Actor

Furthermore, it was also mentioned in the same email came from Cleartrip higher authorities that they have reported the same hacking incident to the concerned authority (Cert-In) and are taking the needful steps as well as the legal actions against the culprits as per the law of the Indian Constitution.

Subsequently, this is not the first time Cleartrip has faced a similar incident.  The same data compromisation incident also happened with Cleartrip in 2017 by a hacking group with the name Turtle Squad.

In the past few years, the number of cyber-related crimes are vigorously increasing in India and we need proper manpower to fight against such serious activities of cyberattacks.  In the same vein, SEBI (Securities and Exchange Board of India) lodged an FIR of a cyber security incident dedicatedly related to the data compromisation of its email system.

It’s high time that we should take serious precautions as well as precautionary measures to tackle such hacking activities by enhancing the cyber security of our organizational IT infrastructures to the optimum level possible.

Leave a Reply

Your email address will not be published. Required fields are marked *