Flipkart-owned Cleartrip, a flight booking platform, on July 18 said that its internal systems were breached by unnamed perpetrators.
In an email sent to customers, Cleartrip said, “This is to inform you that there has been a security anomaly that entailed illegal and unauthorised access to a part of Cleartrip’s internal systems.”
In the email, Cleartrip informed that apart from a person's profile, "no sensitive information pertaining to your Cleartrip account has been compromised as a result of this anomaly of our systems".
Cleartrip did not provide any further details on the nature of the hack their systems suffered or who the hackers were. However, they advised people to reset their passwords as a precautionary measure.
“As per our protocols, we have immediately intimated the relevant cyber authorities and are taking appropriate legal action and recourse to ensure necessary steps are being taken as per the law,” the company said.
In response to queries by Moneycontrol, a Cleartrip spokesperson in a statement said that they are evaluating legal steps and currently conducting more investigation on the matter.
It did not, however, respond to Moneycontrol's specific queries on the nature of the cyber attack, vulnerability, the number of people affected and so on.
“We have identified a security anomaly in a few of our internal systems. Our information security team is currently investigating the matter along with a leading external forensics partner and is taking the necessary action," a Cleartrip spokesperson said.
"Appropriate legal action and recourse are being evaluated and steps are being taken as per the law,” the spokesperson added.
This is the first significant data breach that has come to light ever since the directions of the Indian Computer Emergency Response Team (CERT-In) came to force in late June.
Among many other requirements, the directions mandate that all types of body corporate have to report cybersecurity incidents to CERT-In within six hours of discovering the issue.
It is also important to point out that this is not the first time that Cleartrip suffered a breach of its systems. In 2017, a hacking group called Turtle Squad defaced its website after gaining unauthorised access.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
