Indian SpiceJet security nonexistent; 1.2 million passenger records wide open.


According to TechCrunch (read the story here), an "ethical hacker" alerted SpiceJet that their passenger data was unencrypted and wide open. An easily guessable password let them in to passenger, their phone number, email address, date of birth. SpiceJet did not respond to queries. Given that some of the passengers were state officials, Mad Max (the jailhouse lawyer) predicts some…er…spicy fallout.

Mad Max
Jailhouse Lawyer

#spicejet #reallybadsecurity

Comments

Popular Posts