Posted on

India’s Akasa Air exposed sensitive records of thousands of customers


Akasa Air, India’s newly launched airline that began operations earlier this month, exposed the personal data of thousands of its customers because of a technical glitch that affected its login and sign-up service.
The exposed data, discovered by cybersecurity researcher Ashutosh Barot, included full names, gender, email addresses and phone numbers of customers signing up and logging in on the Akasa Air website.
The researcher found an HTTP request disclosing the data minutes after looking at Akasa Air’s website on its inaugural day on August 7. He had initially tried to communicate with the security team at the Mumbai-based airline directly but did not find a direct contact.
“I reached out to the airline via their official Twitter account, asking …

Read More