Walmart-controlled flight booking service suffers substantial data leak
India's Cleartrip is being very opaque about what happened
An Indian flight booking website majority-owned by US retail colossus Walmart has experienced a data breach, but is saying very little about what happened or the risks to customers.
News of the breach emerged on Monday, when customers received a message depicted in the tweet below.
While the message to customers assures them that "no sensitive information pertaining to your Cleartrip account" was exposed, that leaves open the possibility that information pertinent to other matters may have been accessed. The Register therefore asked Cleartrip how attackers were able to access its systems, what data was exposed, whether that data was encrypted, if any information was exfiltrated, when the breach was detected, when the company notified users, and how the company plans to change its infosec practices in response to the breach.
- Alibaba execs hauled in to discuss Shanghai Police data leak
- 1.9m patient records exposed in healthcare debt collector ransomware attack
- This big phish can swim around MFA, says Microsoft Security
- How data on a billion people may have leaked from a Chinese police dashboard
A spokesperson replied with the following:
We have identified a security anomaly in a few of our internal systems. Our information security team is currently investigating the matter along with a leading external forensics partner and is taking the necessary action. Appropriate legal action and recourse are being evaluated and steps are being taken as per the law.
We're sure that's a comfort to Cleartrip customers – especially as Indian media reports that Cleartrip data has been put up for sale on the dark web.
The CLEARTRIP seems to have suffered a massive data breach !!— Sunny Nehra (@sunnynehrabro) July 18, 2022
The screenshot as was posted by the threat actor (on private forum) to sell the data. As can be seen : the breach is new, customer entries info as well as internal company files are there.#cybersecurity #CyberAttack pic.twitter.com/ldAM2JtsCb
Air India admits to data breach impacting 4.5M customers, sat on the news for five weeksREAD MORE
One more thing to worry about: while Cleartrip is based in Mumbai and targets the Indian market, it happily serves customers anywhere. Maybe it's worth checking who you bought that cheap ticket from back in the day?
We also asked Cleartrip if it had complied with India's recently introduced requirements to report the incident within six hours of detection. At the time of writing we've not had a response to that query.
Cleartrip was acquired by Indian ecommerce player Flipkart in 2021. Flipkart itself is 70 percent owned by Walmart. China's Tencent also owns a chunk of Flipkart. All parties now have a mess to consider. ®
- Aatmanirbhar Bharat
- Advanced persistent threat
- Bharti Airtel
- Black Hat
- Bug Bounty
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Remote Access Trojan
- RSA Conference
- Trusted Platform Module
- Zero trust