Popular Indian Airline SpiceJet Exposed Easily Brute-Forceable Database Containing 1.2 Million Customers

SpiceJet, the second-largest airline in India, has now made it to the news. Reportedly, SpiceJet leaked data of around 1.2 million customers after leaving data on an unsecured server.

As revealed, SpiceJet, the popular airline known for its low prices, leaked data of over a million customers online.

According to the details shared in their blog post, a researcher managed to hack one of SpiceJet’s systems. With a simple brute-force, the researcher succeeded in accessing the stored information in unencrypted form.

This unencrypted database, as discovered, contained private information of over 1.2 million customers who utilized the services of the airline in the previous month. Specifically, the leaked details included passengers’ names, birth dates, phone numbers, and email addresses. The affected passengers also included some state officials, which further worsens the matter.

The researcher believed anyone with an internet connection knowing “where to look” could access the information.

You Might Also Like