You know that Cleartrip is one of the most popular Ticket Booking Sites that is used by several users to travel from one place to another. So, what happened to the site reviews after a little news? Actually, the defending team is backing off from the statement that the data related to the customers were compromised.
Flight and Hotel Bookings need several confidential data about the traveler or the guest/ tenant to settle the registration. In case, someone is in the hit list of Police, the information the site gathers can be helpful in treating the loss.
However, companies follow the rules and regulations of their policies that say not to disclose the confidential data related to the organization or the customers. If anyone does that then that would be a punishable offense.
Well, till yesterday Cleartrip was still reliable but after the tweet of an independent threat researcher “Sunny Nehra”, the whole situation turned its back on the customers.
The data was containing:
- B2C Customer Entries for 2021-22
- Organization’s Internal Financial Reports
- Vendor-Related Data
- Refund Data
- GST Fillings
According to the Cleartrip’s Statement it seemed to be that they were covering the fact that the data had been compromised. The statement was stating that the data belonging to the customers wasn’t compromised.
ETCISO provided screenshots of compromised data. That data wasn’t only being filled with the customer’s confidential data, but the organizational internal documents were also present. Now, you must have got the idea that this wasn’t any joke, and no one’s trying to mock anyone.
It was a serious note from the attackers that nothing is safe, properly if you feel too easy and leave the things by themselves. Not only the data was leaked but also put up on a Dark Web for the buyers to purchase. It was found out that the amount was undisclosed that the seller asked for from buyers.
This screenshot is shared by an independent threat researcher known as “Sunny Nehra”. You can clearly see that this list consists of the data related B2C Customers Entries for 2021-22. Also, it has more than one component of data in it.
“The CyberAttacker was a Network Specialist”
According to Nehra…
The attacker got the access to the Cleartrip’s Network because he has expertise in Networking so, breaching the data wasn’t much risk for him. How did he make it? Does he have any experienced past? Yes, he does! His past is full of Network Hacking consisting of the use of Unauthorized Network Access.
This incident resulted in hiring an expensive computer forensic investigation team. However, it still wasn’t clear what kind of data was compromised.
It can be the case that the attacker might have taken advantage of the Zero Day. If a Zero Day is based on Common Payloads, then it can’t be flagged and stopped by an Organizational Security Operations Centre. That can also happen with any Network Traffic Monitoring or a Blocking System that usually doesn’t happen with most zero days if they’re not based on common payloads.
The attacker didn’t only attack Cleartrip, but also took others at its target that consists:
- Data from Power Grid
- A Major Medical Institute
- Networks of other critical infrastructure entities in India.
According to Cleartrip
The attacker surely got access to Organizational Internal Systems, but Cleartrip assured that the sensitive data wasn’t compromised. Anyway, they are considering this matter seriously and trying to enhance their Network Security.
In Cleartrip’s Note…
Other than some details of customers which were a part of their profile, nothing much was compromised from the attack that can be called sensitive enough to take stress on. Moreover, this attack just happened due to an anomaly in their systems.
Cleartrip has taken a Legal Action towards the incident and advised the customers to reset the Login Passwords, immediately. ETCISO didn’t get any revert from Cleartrip about the incidents and what kind of ransomware was found in the mishap. How much data was compromised and what system got affected by the attack.
Risk in Booking Online
The most common answer for this query would be that an innumerable count of people logs in such sites and places their confidential information in the database of the particular. Due to that the risk of getting data leaked increases which is just not healthy for the customers as well as the organization.
So, attackers find these platforms as their favorite place to attack due to the bulge of data of millions of people. Now that you know the consequences, you might be thinking what could have happened to the customer if this mistake wasn’t found earlier.
Online Security and New Generation
Through this incident, it is easy to understand that networks and databases are not in a safe place if they were not in the care of a responsible person. As a responsible youth, you can be a part of those professionals who are responsible for network security and can provide several organizations with your skills & intelligence.
How would you do that? For that, you can join a Basic Networking Course with Certification offered by Craw Security. Want to join an institute that will provide you with the best trainers to guide you through theoretical and practical knowledge? If yes, then the answer to your question would be only Craw Security.
For more information Enroll, Now! Via following the provided contact details contact Craw Security!
Email– [email protected]
Contact Info– 9513805401