Flipkart-owned travel booking platform, Cleartrip has suffered a security breach, which is said to have exposed a part of customer profiles. It wasn't clear how many customers data was breached.
The company said this breach did not expose any sensitive user information pertaining to their Cleartrip account. However, a security researcher, Sunny Nehra tweeted a screenshot of hackers selling Cleartrip data on the dark web and called it a massive data breach.
Leisure travel seeing a V-shape recoveryAirlines are scaling up their network to capitalise on summer season travel demand
“The screenshot as was posted by the threat actor (on private forum) to sell the data. As can be seen : the breach is new, customer entries info as well as internal company files are there,” Nehra said in a twitter post.
“We would like to assure you that aside from some details which are a part of your profile, no sensitive information pertaining to your Cleartrip account has been compromised as a result of this anomaly in our systems. You can choose to reset your password as a precautionary measure,” Cleartrip said in an email to its customers.
‘Taking legal action’
Cleartrip noted that as per protocols, it has intimated the relevant cyber authorities and is taking appropriate legal action and recourse to ensure necessary steps are being taken as per the law.
“This is to inform you that there has been a security anomaly that entailed illegal and unauthorised access to a part of Cleartrip’s internal systems. We regret the inconvenience caused. Thank you for your patronage and your continued trust in our brand,” the company added.