SpiceJet Rushes to Fix Security Flaw in System and Save Data of Passengers

Ethical Hackers gained access to data on more than 1 million passengers of SpiceJet and went on to inform the airline and an India cybersecurity agency

By February 3rd, 2020 AT 10:34 AM
Highlights
  • Data of more than 1 million passengers was prone to hackers
  • CERT-In confirmed the security loophole in airline's systems
  • The data was found in an unencrypted database by the hackers

SpiceJet, one of the leading airlines in India and ranking second after IndiGo in low-cost carriers, has suffered a data breach from the “ethical hackers”. It is important to note that the hackers who have gained access to the information have informed the authorities about the loophole in SpiceJet’s security systems but have not come out in the open because they likely broke the law in the process. The “ethical hackers” discovered that the password of the SpiceJet system by brute-forcing their way into the systems. After gaining access of the systems, the hackers discovered an unencrypted database backup file that contained information of more than a million SpiceJet flyers. 

spicejet-ethical-hackers-data-flaw

Data of More than a Million Passengers

The report comes from TechCrunch. The data which found its way into the hands of the ethical hackers contained information of the fliers such as their names, email addresses, date of birth, phone numbers and more. Some of the information was of the state officials. The hackers also remarked that the information was easily accessible by someone who knew where to look. The hackers then reached out to the airline itself to inform it of the security loophole, only to get no response from SpiceJet. 

Indian Agency Informs SpiceJet

The security experts than reached out to CERT-In, a government-run agency in India that handles cybersecurity threats in the nation. The Indian agency then confirmed the security loophole in SpiceJet’s systems. When CERT-In reached out to SpiceJet, the airline issued a statement. 

SpiceJet’s statement said “at SpiceJet, safety and security of our fliers’ data is sacrosanct. Our systems are fully capable and always up to date to secure the fliers’ data which is a continuous process. We undertake every possible measure to safeguard and protect this data and ensure that the privacy is maintained at the highest and safest level.”

Read more on:

Whenever Arpit boards a plane he is filled with awe and bewilderment and soaring above the skies is something marvellous for him. An aviation and tech geek through and through Arpit writes at AviationScoop not only because he's experienced and good at his craft but also because flying is something which makes his heart flutter with joy.

Recent Posts

Vistara Delhi and Dehradun Daily Flight Service From 29th March

Vistara, India’s full-service carrier, added Dehradun, Uttarakhand to its network of operations. With this addition of a new city to...

Vistara Likely to Have First-Mover Advantage as Nelco Launches In-Flight Connectivity Services

Nelco, a Tata Enterprise and India’s leading VSAT solutions provider, announced the launch of Aero In-Flight Communication (IFC) services in...

Kolkata Airport Gets In-Line Baggage Scanning Allowing Passengers to Save Time

In-line baggage checking is one of the things that the flyers get in big airports. However, in smaller airports where...