Cleartrip Suffers Massive Data Breach

 

Author: Eva Georgieva / Last Updated: 7/28/2022

Reviewed By: Dalibor Gašić & Michael Swanagan, CISSP, CISA, CISM

Summary Of The Attack

 

  • Massive Data Breach on Cleartrip caused by a “security anomaly” of internal systems.
  • Data leaked by attackers on Dark Web with files timestamped as recently as June 2022.
  • Cleartrip states that no user-sensitive data was leaked.
  • As a precautionary measure, they asked their users to change their account passwords.
  • Cleartrip is undertaking appropriate legal action while conducting more investigations on the matter.

 

 

What Happened?

 

Cleartrip has suffered a massive data breach through what they claim was a “security anomaly” of their internal systems.

 

Their confidential data has been exposed in several places on the dark web, and the exposed data is also quite new, with files timestamped as recently as June 2022.

 

Their current platforms are fully functional and they state that the data breach is being dealt with, technically and legally.

Who Is Cleartrip?

 

Cleartrip is a popular travel-booking platform, founded back in 2006 and acquired by Walmart-owned Flipkart in April 2021.

Chain Of Events

 

Security researcher Sunny Nehra (@sunnynehrabro) posted a tweet on July 18, 2022, in which he disclosed that the online travel aggregator Cleartrip had been the victim of a hacker’s intrusion into its internal systems and a leak of the company’s internal data.

 

Cleartrip’s data was posted in private forums, and on the same day, July 18th, Cleartrip publicly confirmed the incident.

What Were The Attack Vectors?

 

In an official statement to its customers, which Cleartrip users have been posting on various platforms, Twitter among them, the company states that an unauthorized third party accessed its internal systems.

 

Cleartrip refrained from providing any information on how the data was accessed or what exactly the attack vector was.

What Information Was Leaked?

 

The company also did not want to provide any details about the scope of the leaked data or the type of information involved.

 

However, in its official statement to customers, the company claimed that only profile details from users’ accounts were obtained and that no sensitive data was compromised.

What Mitigation Steps Are Taking Place?

 

Furthermore, in that same official statement to their users, as a precautionary measure, they advised their users to change their account passwords.

 

However, users changing their passwords is not going to undo the damage done, since the data has already been leaked and is now sold on the dark web.

 

On that matter, a Cleartrip spokesperson said in a statement that the company is working with a leading external forensics partner and taking the necessary action to deal with the data breach.

 

According to the company, appropriate legal action and recourse are being evaluated, and steps are being taken as per the law while the matter is investigated further.

 

This is the first significant data breach to occur since the directions of the Indian Computer Emergency Response Team (CERT-In) came into force in late June this year.

 

The directions contain quite a few requirements. Among them, they mandate that all types of body corporate report cybersecurity incidents to CERT-In within six hours of discovering the issue.

 

It is also worth mentioning that this isn’t the first data breach that Cleartrip has dealt with.

 

The company also suffered a data breach in April 2017, when Cleartrip’s website was defaced by a hacking group called “Turtle Squad” after they gained unauthorized access to Cleartrip’s systems.

 

Eva Georgieva

Eva is a security engineer, researcher, and penetration tester with over 5 years of experience working on both red teams and blue teams.
