Akasa Air suffered a data breach, allowing unauthorised individuals to view data of some of its customers, India’s new airline has admitted.
The airline apologised for the data breach, saying there was “no intentional hacking attempt” to break into its systems.
The airline said in a message posted on its website that a temporary technical configuration error related to our login and sign-up service was reported to us on Thursday August 25, 2022”.
“As a result of this configuration error, some Akasa Air registered user information limited to names, gender, email addresses and phone numbers may have been viewed by unauthorised individuals,” the company elaborated on Sunday.
“We can confirm that aside from the above details, no travel-related information, travel records or payment information was compromised,” it added.
Akasa Air, which operated its inaugural flight on August 7 from Mumbai to Ahmedabad, said it immediately stopped the unauthorised access by completely shutting down the associated functional elements of its system.
“While extensive protocols are in place to prevent incidents of such nature, we have undertaken additional measures to ensure that the security of all our systems is even further enhanced,” said Anand Srinivasan, Co-Founder and Chief Information Officer at Akasa Air.
Akasa Air “self-reported” the incident to CERT-In.
“We have also notified the affected users of the above, and have informed such users that this matter has been reported to CERT-In,” it added.
“We would like to clarify that based on our records there was no intentional hacking attempt,” said the airline in which late billionaire Rakesh Jhunjhunwala had made substantial investment.