Akasa Air said on Sunday that the personal information of its registered users pertaining to name, gender, email address and phone number may have been compromised due to a technical glitch. Though the airline reported the incident to the government body Indian Computer Emergency Response Team (CERT-In), it claimed that there was no “intentional hacking attempt”.
“At Akasa Air, system security and protection of customer information is paramount, and our focus is to always provide a secure and reliable customer experience.
While extensive protocols are in place to prevent incidents of such nature, we have undertaken additional measures to ensure that the security of all our systems is even further enhanced,” said Anand Srinivasan, co-founder and chief information officer, Akasa Air.
Srinivasan said that the airline will continue to maintain its robust security protocols, engaging wherever applicable with partners, researchers and security experts, from whom it can benefit to strengthen its systems.
A temporary technical configuration error related to Akasa Air’s log-in and sign-up service was reported to it on August 25, resulting in the user information probably being viewed by unauthorised individuals. However, the airline confirmed that other than name, gender, email address and phone number, no travel-related information, travel records or payment information was compromised.
The airline said that on being made aware of the incident, it stopped the unauthorised access by shutting down the associated functional elements of its system. Later on, it resumed log-in and sign-up services after adding additional controls.
“We self-reported the incident to CERT-In (which is the government’s authorised nodal agency tasked to deal with incidents of this nature),” Akasa Air said. CERT-In comes under the ministry of electronics & information technology.
The airline has also notified the affected users of the incident and advised them to be conscious of “possible phishing attempts”.
Akasa Air said that it wanted to to clarify that based on its records, there was no intentional hacking attempt, but that the situation was reported by a research expert through a journalist, for which they were grateful.
Having taken to the skies on August 7 with its maiden flight on the Mumbai-Ahmedabad route, Akasa Air has announced six routes between five cities — Mumbai, Ahmedabad, Kochi, Bengaluru and Chennai.
The airline now has three Boeing 737 Max aircraft in its fleet, having received the first aircraft on June 21, the second on July 26 and the third on August 16. It has plans to expand its fleet by adding one new aircraft every two weeks. By the end of FY23, the airline will have a fleet of 18 aircraft and over the next four years, 54 additional aircraft will be added, taking the fleet size to 72.