• World CyberCon India
Data Breaches Firewall Daily

Akasa Air Suffers Data Breach, Passengers’ Information Leaked

In the statement, Akasa Air confirmed that unauthorized individuals could have viewed the leaked passenger data.

Akasa Air Suffers Data Breach, Passengers’ Information Leaked
  • PublishedAugust 29, 2022

Akasa Air suffered a data breach that leaked the personal information of its passengers, including their email addresses, names, gender, and other private information, on August 25, 2022. The Indian airline company alerted the Computer Emergency Response Team (CERT-In) about the breach.

Error in technical configuration

The Indian airline Akasa Air, backed by billionaire investor Rakesh Jhunjhunwala, began its commercial operation on August 7, 2022. However, in less than a month, it got hit by a data breach, possibly caused by an internal system error.

In an official statement addressing the data breach, Akasa Air said, “As a result of this configuration error, some Akasa Air registered user information limited to names, gender, email addresses, and phone numbers may have been viewed by unauthorized individuals.”

Moreover, the statement added that the leak was caused by an internal “temporary technical configuration error” related to the login and sign-up service on the website portal and that there was no intentional hacking attempt.

Post the incident, the higher authorities at the airlines were notified, and Akasa Air reached out to CERT-in, sharing details of the compromised data, including passengers’ names, ages, addresses, phone numbers, gender, and email ID.

Unauthorized users might have access to the leaked data

Akasa Air confirmed that unauthorized individuals could have viewed the leaked passenger data in the statement. However, the airline assured users that the data leak did not compromise passengers’ sensitive information, including travel-related details, records, and payment information.

The company also shared that it had taken the necessary steps to prevent unauthorized access of the data, including shutting down associated functional elements of the airline and resuming it once the data was secured, reporting the incident to CERT-In and informing all the users whose data was leaked by the error. They further notified the users to be aware of any phishing attempts that may surface sooner or later since hackers might have accessed the information while it was available on the internet.

Written By

The Cyber Express is a publication that aims to provide the latest news and analysis about the information security industry. The news comes from a variety of sources and is updated regularly so that readers can stay up to date with the latest happenings in this rapidly growing field.