Flipkart-owned Cleartrip, a flight booking platform, said that it suffered a major data breach in its internal systems.
In an email to customers, the company stated, “This is to inform you that there has been a security anomaly that entailed illegal and unauthorised access to a part of Cleartrip’s internal systems.”
However, the travel company assured them that no sensitive information pertaining to a user’s account had been compromised due to this incident, apart from a few personal details.
“We would like to assure you that aside from some details which are a part of your profile, no sensitive information pertaining to your Cleartrip account has been compromised as a result of this anomaly of our systems,” the company said in its email.
Cleartrip also advised users to reset their account password “as a precautionary measure,” it said. “We regret the inconvenience caused,” the company said.
The company added in the email that it has intimated about this data breach to the concerned authority (Cert-In) and is taking appropriate legal action to ensure necessary steps are being taken as per the law.
Founded back in 2006, Cleartrip was acquired by Walmart-owned Flipkart in April last year. Incidentally, this is not the first time that Cleartrip has faced a hacking attack. In 2017, Cleartrip’s website was hacked and defaced for a few minutes by a group called Turtle Squad.
India has been witnessing a growing incidence of data breaches over the past couple of years. Earlier this month, the Securities and Exchange Board of India (SEBI) lodged an FIR in connection with a cyber security incident that involved its email system.
In May 2022, SpiceJet confirmed ransomware attacks that led to numerous flight delays and cancellations through the following day. In February 2021, Air India's passenger service system provider, SITA, was hacked. This resulted in the theft of the personal data of 4.5 million passengers.
India ranked sixth among the countries with the highest number of data breaches. Eighteen out of every 100 Indians have been hit by data breaches since 2004, cybersecurity firm Surfshark said in a report in June this year. It also stated that India’s breach rate was 740% higher than the first quarter, as of June 1, rising from five to 42 breached accounts a minute.
“Since 2004, 14.9 billion accounts have been leaked, and a striking 254.9 million of them belong to users from India. This makes India sixth in the world by the number of breached users,” the report added.