Cleartrip, a popular travel-booking platform in India, has confirmed a Flipkart-owned Cleartrip reports user data breach after hackers purportedly published the stolen data on the dark web directly.
TechCrunch encouraged TechCrunch after the website’s most popular blogger shared a tip that it had been discovering bots utilizing machine learning algorithms on the website of one of China’s biggest long-haul travel organizations. Cleartrip said it was taking legal action against the hackers.
“We have identified a security anomaly in a few of our internal systems,” a Cleartrip spokesperson said in a prepared statement to TechCrunch. (The spokesperson did not disclose their name.) Our information security team is investigating the security breach along with a leading external forensic partner and is taking the necessary steps. Appropriate legal recourse and action are taking place, and there are measures being taken according to the law.
The sensitive nature of the data loss and the exact details of the incident are not known until the situation is resolved. Apply for the best android VPN for securing yourself from a data breach.
Security researcher Sunny Nehra published a TechCrunch blog post on Monday morning concerning the Flipkart-owned Cleartrip reports user data breach she warned about last week. The researcher said the hackers marketed the contents of the post on their private forum, which is only accessible with high degrees of authentication. The exact pricing of the breach was not mentioned in the article of Flipkart-owned Cleartrip reports user data breach, though the researcher could provide it to the media.
The post was taken down only an hour after it was posted on the forum.
TechCrunch contacted Cleartrip after seeing a screenshot provided by Nehra, allegedly showing the Flipkart-owned Cleartrip reports user data breach incident.
“Looking at the file names in the screenshot that was posted by the threat actor, one can analyze the scope of the breach,” Nehra said.
He claimed that it looked like hackers had gained all Cleartrip data.
“Apart from files seemingly having customer info, revenues, etc., there are also files including ‘GST on advance working’ which raise many questions about the involvement of some insider,” Nehra said.
The files thieves offered for sale were also files from June, suggesting that the information was obtained recently, as the security researcher explained to TechCrunch News.
Nehra notified the Computer Emergency Readiness Team about the incident of Flipkart-owned Cleartrip reports user data breach in India. To protect data from leaking, you can get access to Free VPN India at reasonable pricing.
Cleartrip started acquainting consumers with the nature of the data breach in an ambiguous tone, without providing any information on which information was accessed by the hackers.
“We would like to assure you that aside from some details which are a part of your profile, no sensitive information pertaining to your Cleartrip account has been compromised as a result of this anomaly of our systems,” the company said in its email.
Cleartrip also informed users to change their account password “as a precautionary measure,” it said. “We regret the inconvenience caused,” the company said.
Founded in 2006, Cleartrip was acquired by Flipkart, a Walmart company, in April 2018. The group promotes air travel bookings and hotel reservations through its website, which is accessible from the web and via native mobile apps.