Online Travel Booking Website Probes 'Security Anomaly'

Walmart-Owned Cleartrip Suffered a Data Breach
Online Travel Booking Website Probes 'Security Anomaly'
Source: Shutterstock

A popular Indian online travel website owned by Walmart is investigating a cybersecurity incident amid indicators it suffered a major data breach.

See Also: 13 Essential Criteria to Consider For Cyber Resilience in IR & SoC Teams

A spokesperson for Cleartrip said the company is investigating a "security anomaly" alongside an external forensics firm and has notified authorities.

"The detailed evaluation is still under progress… the investigation so far has indicated that limited information like name, email ID and phone number(s) are suspected to have been impacted," the company told Information Security Media Group in the early hours of Wednesday.*

Security researcher Sunny Nehra tweeted a screenshot from an underground private forum showing spreadsheets apparently containing customer data and internal files.

ISMG could not verify Nehra's statements. He did not respond to ISMG's request for details on the source of the screenshot and the price sought for the data on the darknet forum. Nehra told TechCrunch the post was pulled down within hours of its initial publication.

Indian e-commerce company Flipkart acquired Cleartrip in 2021 in a deal The Economic Times estimated was based on a valuation of $40 million. Walmart paid $16 billion in 2018 to take a controlling stake in Flipkart.

"Appropriate legal action and recourse are being evaluated and steps are being taken as per the law," Cleartrip told Information Security Media Group. India recently changed its breach reporting guidelines to mandate a six-hour reporting rule for cyber incidents.

A Cleartrip customer tweeted that he had received a company breach notification assuring him that "no sensitive data pertaining to your Cleartrip account has been compromised" and that only "some details which are part of your profile" had been leaked.

The Cleartrip incident follows other cybersecurity attacks on India's travel and tourism industry. In May, ransomware attackers targeted passenger airline SpiceJet with a ransomware attack. The company said the attempted attack was "contained," but its impact on the IT infrastructure grounded several flights across India (see: Attempted Ransomware Attack Grounds SpiceJet Flights).

*July 20, 2022 11:57 UTC: This story was updated with a Cleartrip's statement on which customer data may have been effected by the incident.

About the Author

Mihir Bagwe

Mihir Bagwe

Principal Correspondent, Global News Desk, ISMG

Bagwe previously worked at CISO magazine, reporting the latest cybersecurity news and trends and interviewing cybersecurity subject matter experts.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.