There has been a major cyber attack on Flipkart-owned company Cleartrip. According to the report, there has been a cyber attack on Cleartrip’s system, after which millions of users’ personal are being sold on the dark web. Cleartrip has confirmed this data leak and informed its customers through e-mail.
In an email to customers, Cleartrip said,
“You are informed that a security breach has occurred and hackers have gained access to Cleartrip’s internal systems.” The company has said in the email that only the profile information of the users has been leaked in this data leak.
Cleartrip has denied leaking the personal data of any users. The company has said that it will take legal action against the hacker. The company has advised users to reset the password as a precautionary measure. Security researcher Sunny Nehra has given information about this data leak of Cleartrip. The leaked data was also listed on the dark web in June, that is, this cyber attack happened long ago.
According to Sunny Nehra, hackers are also selling this data through the dark web,
although no information has been received about the price at the moment. According to Nehra, it seems that the hacker has reached the complete data of Cleartrip. Let us tell you that earlier in 2017 also there was a cyber attack on Cleartrip.
According to Nehra’s tweet, the leaked data contains complete information from the complete information of the customers to the earnings of the company. The leaked data also contains the GST files. In such a situation, a big question arises about the security of the company.
Cleartrip has denied leaking the personal data of any users. The company has said that it will take legal action against the hacker. The company has advised users to reset the password as a precautionary measure.
India has been witnessing a growing incidence of data breaches over the past couple of years.
Earlier this month, the Securities and Exchange Board of India (SEBI) lodged an FIR in connection with a cyber security incident that involved its email system.“Recently a cyber security incident has been noticed on the email system of SEBI which was undergoing a system upgrade and accordingly an FIR as per the relevant provisions of law has been filed,” the markets regulator said in a statement.
In May 2022, SpiceJet announced that it faced ransomware attacks that led to numerous flight delays and cancellations through the following day. In February 2021, Air India’s passenger service system provider, SITA, was hacked. This resulted in the theft of the personal data of 4.5 million passengers.
Taking legal action’
Cleartrip noted that as per protocols, it has intimated the relevant cyber authorities and is taking appropriate legal action and recourse to ensure necessary steps are being taken as per the law.
“This is to inform you that there has been a security anomaly that entailed illegal and unauthorized access to a part of Cleartrip’s internal systems. We regret the inconvenience caused. Thank you for your patronage and your continued trust in our brand,” the company added.