Akasa Air today announced that it has suffered a data breach resulting in unauthorised individuals gaining access to user information.
The airline, which started operations on August 7, has apologised to its customers and has self-reported the incident to CERT-In, according to a communication.
A temporary technical configuration error related to our login and sign-up service was reported to us on Thursday, August 25, 2022. As a result of this configuration error, some Akasa Air registered user information limited to names, gender, email addresses, and phone numbers may have been viewed by unauthorised individuals. We can confirm that aside from the above details, no travel-related information, travel records, or payment information was compromised.Akasa Air Statement
After the incident, the following steps were taken by Akasa Air to mitigate risks for current and future scenarios:
The airline immediately stopped the unauthorised access by completely shutting down the associated functional elements of their system. Only after adding additional controls to address this situation, the login and sign-up services were resumed.
As a part of our commitment to be always transparent, we proactively shared this information with our customers who could have been potentially impacted.Akasa Air Statement