Online Travel Booking Website Probes 'Security Anomaly'Walmart-Owned Cleartrip Suffered a Data Breach
A popular Indian online travel website owned by Walmart is investigating a cybersecurity incident amid indicators it suffered a major data breach.
A spokesperson for Cleartrip said the company is investigating a "security anomaly" alongside an external forensics firm and has notified authorities.
"The detailed evaluation is still under progress… the investigation so far has indicated that limited information like name, email ID and phone number(s) are suspected to have been impacted," the company told Information Security Media Group in the early hours of Wednesday.*
Security researcher Sunny Nehra tweeted a screenshot from an underground private forum showing spreadsheets apparently containing customer data and internal files.
ISMG could not verify Nehra's statements. He did not respond to ISMG's request for details on the source of the screenshot and the price sought for the data on the darknet forum. Nehra told TechCrunch the post was pulled down within hours of its initial publication.
Indian e-commerce company Flipkart acquired Cleartrip in 2021 in a deal The Economic Times estimated was based on a valuation of $40 million. Walmart paid $16 billion in 2018 to take a controlling stake in Flipkart.
"Appropriate legal action and recourse are being evaluated and steps are being taken as per the law," Cleartrip told Information Security Media Group. India recently changed its breach reporting guidelines to mandate a six-hour reporting rule for cyber incidents.
A Cleartrip customer tweeted that he had received a company breach notification assuring him that "no sensitive data pertaining to your Cleartrip account has been compromised" and that only "some details which are part of your profile" had been leaked.
The Cleartrip incident follows other cybersecurity attacks on India's travel and tourism industry. In May, ransomware attackers targeted passenger airline SpiceJet with a ransomware attack. The company said the attempted attack was "contained," but its impact on the IT infrastructure grounded several flights across India (see: Attempted Ransomware Attack Grounds SpiceJet Flights).
*July 20, 2022 11:57 UTC: This story was updated with a Cleartrip's statement on which customer data may have been effected by the incident.