Walmart-controlled flight booking service suffers substantial data leak

An Indian flight booking website majority-owned by US retail colossus Walmart has experienced a data breach, but is saying very little about what happened or the risks to customers.

News of the breach emerged on Monday, when customers received a message.

While the message to customers assures them that “no sensitive information pertaining to your Cleartrip account” was exposed, that leaves open the possibility that information pertinent to other matters may have been accessed. The Register therefore asked Cleartrip how attackers were able to access its systems, what data was exposed, whether that data was encrypted, if any information was exfiltrated, when the breach was detected, when the company notified users, and how the company plans to change its infosec practices in response to the breach.

Read more…
Source: The Register