The Indian online travel company Cleartrip revealed it has been affected by a data breach, which one security researcher described as “massive”.
The company said there had been a security anomaly that entailed illegal and unauthorised access to a part of its internal systems, it told customers in an email sent yesterday.
Cleartrip assured customers that aside from some details which are part of their profile, no sensitive information belonging to their account had been compromised as a result of the anomaly of its systems. The travel company said that customers could choose to reset their passwords as a precautionary measure.
“As per our protocols, we have immediately intimated the relevant cyber authorities and are taking appropriate legal action and recourse to ensure necessary steps are being taken as per the law,” the company stated in the email.
However, security researcher Sunny Nehra said that the company seems to have suffered a massive data breach. Nehra found that the threat actor posted a screenshot of the stolen data on a private forum to sell the data.
Nehra added that the breach is new and includes customer entries as well as internal company files. There are several files, including “B2C Customer Entries” and “09_India_hotel_sale”. The screenshot also appears to show that the hack may have taken place between April and May 2022.
“We have identified a security anomaly in a few of our internal systems,” a Cleartrip spokesperson told IT Pro. “Our information security team is currently investigating the matter along with a leading external forensics partner and is taking the necessary action. Appropriate legal action and recourse are being evaluated and steps are being taken as per the law.”
Cleartrip is a global online travel company headquartered in Mumbai which operates in India and the Middle East. It has offices in India, the UAE, Saudi Arabia, and Egypt. In April 2021, it was acquired by the Indian e-commerce giant Flipkart, which claims to have over 100 million registered users.
It’s not the only Indian company to be targeted by attackers recently, as a flood monitoring system in Goa was hit with ransomware last week. Cyber attackers demanded Bitcoin in return for decrypting the data after striking the Water Resource Department’s flood monitoring system with a ransomware attack on 21 June.
-
Latitude Financial's data policies questioned after more than 14 million records stolenNews Some of the data is from at least 2005 and includes customers’ name, address, and date of birth
-
Latitude hack now under state investigation as customers struggle to protect their accountsNews The cyber attack has affected around 330,000 customers, although the company has said this is likely to increase
-
IDCARE: Meet the cyber security charity shaping Australia and New Zealand's data breach responseCase Studies IDCARE is recruiting a reserve army to turbocharge the fightback against cyber crime not just in the region, but in the interests of victims all over the world
-
Australia commits to establishing second national cyber security agencyNews The country is still aiming to be the most cyber-secure country in the world by 2030
-
Medibank bleeds $26 million in cyber costs following hackNews The company believes this figure could rise to $45 million for the 2023 financial year
-
TikTok's two new European data centres to address data protection concernsNews The company is under pressure to prove its user data isn’t being accessed by the Chinese state
-
Cyber attack on Australia’s TPG Telecom affects 15,000 customersNews It is the third cyber attack on a major Australian telco since October
-
Telstra blames IT blunder for leak of 130,000 customer recordsNews Australia’s biggest telco said that the error was due to a mismanagement of databases and not a cyber attack
