Akasa Air suffered a mega data breach involving the personal details of its passengers on August 25, the Indian domestic airline told the team of the Indian Computer Emergency Response Team (CERT-In). Akasa Air said it informed CERT-IN that passenger details such as name, gender, phone number and email ID were leaked.
“This is to inform you that a temporary technical configuration error related to our login and sign-up service was reported on Thursday, August 25, 2022,” Akasa Air said in a mail.
Also read Akasa Air will operate 2 flights per day on Bengaluru-Mumbai route
But it said no confidential passenger details, such as travel records or payment information, were exposed during the leak.
The airline claims to have self-reported the data breach to CERT-In. The security agency can conduct a thorough investigation to find out the depth of the incident.
“We have self-reported the incident to CERT-In (which is the nodal agency authorized by the government to deal with incidents of this nature). Despite having extensive protocols in place to prevent such incidents, we have conducted additional reviews to ensure. The security of all our systems is more Extended,” the email above reads.
Apart from informing CERT-IN, Aaksha Air sent emails on Saturday and Sunday to its passengers who registered with the airline and shared their personal details.
Also read ‘Our journey begins…’: Akasa Air begins operations
“At Akasa Air, system security and protection of customer information is paramount, and our focus is always on providing a secure and reliable customer experience. We are constantly strengthening our systems, including working with experts and the research community, to ensure they are robust,” it said. . We sincerely apologize to you for any inconvenience caused by this incident,” the airline further said in the mail on Sunday.
Earlier, login and sign-up services were stopped by Air Akasa during the breach, but they have been reopened to be available to new users.