Skip to main content

Deck.blue brings a TweetDeck experience to Bluesky users

With over 3 million users and plans to open up more broadly in the months ahead, Bluesky is still establishing itself as an alternative to Twitter/X. However, that hasn’t stopped the developer community from embracing the project and building tools to meet the needs of those fleeing the now Elon Musk-owned social network, formerly known […] © 2024 TechCrunch. All rights reserved. For personal use only. from TechCrunch https://ift.tt/TBbEAPF
Post a Comment

India’s Akasa Air exposed sensitive records of thousands of customers

Akasa Air, India’s newly launched airline that began operations earlier this month, exposed the personal data of thousands of its customers because of a technical glitch that affected its login and sign-up service.

The exposed data, discovered by cybersecurity researcher Ashutosh Barot, included full names, gender, email addresses and phone numbers of customers signing up and logging in on the Akasa Air website.

The researcher found an HTTP request disclosing the data minutes after looking at Akasa Air’s website on its inaugural day on August 7. He had initially tried to communicate with the security team at the Mumbai-based airline directly but did not find a direct contact.

“I reached out to the airline via their official Twitter account, asking them for an email ID to report the issue. They gave me the info@akasa email ID to which I didn’t share the vulnerability details because it might be handled by support staff or third party vendors. So, I emailed them again and asked [the airline] to provide [the] email address of someone from their security team. I received no further communication from Akasa,” the researcher said.

After not getting a response from the airline on how he can connect with the security team, the researcher informed TechCrunch about the issue.

Akasa Air quickly responded when we reached out and acknowledged that the issue had put 34,533 unique customer records at risk. The airline also said the exposed data did not include travel-related information or payment records.

On being made aware of the incident, Akasa Air shut down its sign-up service. The airline also said that it added additional controls before resuming its service to the general public.

Additionally, the airline told TechCrunch that it carried additional reviews to ensure the security of all its systems.

Akasa Air reported the incident to India’s nodal cybersecurity agency CERT-In and notified its affected users through a statement that it also made public on Sunday. It advised users “to be conscious of possible phishing attempts” due to the data exposure. Further, it confirmed to TechCrunch that it did not see an “untoward spike in access” to the data.

“At Akasa Air, system security and protection of customer information is paramount, and our focus is to always provide a secure and reliable customer experience. While extensive protocols are in place to prevent incidents of such nature, we have undertaken additional measures to ensure that the security of all our systems is even further enhanced. We will continue to maintain our robust security protocols, engaging wherever applicable, with partners, researchers, and security experts from whom we can benefit to strengthen our systems,” Anand Srinivasan, Co-Founder and Chief Information Officer at Akasa Air, said in a prepared statement on the matter.

“I am glad the airline fixed the issue on short notice and reported it to CERT-In as well as informed its customers about the incident, which is an exemplary step,” the researcher said.

Incidents of data exposure and leaks are becoming common in India, which withdrew the last iteration of its data protection bill earlier this month. A number of domestic companies in the country also do not have dedicated programs to award and incentivize researchers helping to find flaws in their systems.



from TechCrunch https://ift.tt/NT3XhCd
Labels:

Comments

Post a Comment

Popular posts from this blog

Nimbus launches tiny EV prototype that’s like a motorbike with a roof

As shared e-scooter companies have infiltrated cities and e-bike sales have soared, micromobility has been offered up as a panacea to save us all from the ill humors and packed streets caused by gas-guzzling cars. However, one of the major roadblocks in front of well-intentioned city dwellers who’d love to trade in their cumbersome and environmentally unfriendly vehicles for an e-bike or scooter remains: What happens when it rains? Nimbus, a California-based electric vehicle startup, wants to solve that problem with a simple solution: Put a roof on it. The company recently came out of stealth with a prototype for its Nimbus One, a tiny, three-wheeled EV that “combines the convenience and cost of a motorbike with the safety and comfort of a car.” The Nimbus One. Image Credits: Nimbus The thin, pod-like vehicle is only about 2.75 feet wide and 7.5 feet long, which Nimbus says makes it three to five times smaller than a compact car — the better to park and navigate busy urban stree...
Post a Comment
Read more

Pitch Deck Teardown: Encore’s $3M seed deck

For this week’s Pitch Deck Teardown, I’m (virtually) traveling to Sweden to take a look at the $3 million seed round raised by developer tool startup Encore . The company is creating what it calls a software development platform for the cloud. It reportedly raised from Crane Venture Partners with Acequia Capital ,  Essence Venture Capital  and  Third Kind Venture Capital joining the round. I wanted to take a look at this deck in more detail, in particular, because it tells a really elegant story in a market where it’s extraordinarily hard to differentiate yourself — both to your customers and to investors! Pitching a dev tool in a way that tells the story well enough to understand but without dropping deep into a rabbit hole is a particularly hard challenge, and that’s the needle Encore threads ever so efficiently in this 24-slide pitch deck. We’re looking for more unique pitch decks to tear down, so if you want to submit your own, here’s how you can do that ....
Post a Comment
Read more

Multifamily housing has missed the solar boom. PearlX wants to fix that with $70M Series B

If you’re a renter and you want solar power, you’re usually out of luck. For most, the only option is a community solar program, where people subscribe to utility-scale projects, but they’re not available everywhere. And given that most renters only stay for a few years, which of them are going to pay tens of thousands of dollars for solar panels — and what landlord would let them? That’s where PearlX comes in. “Think of us as like the Sunrun for renters,” said co-founder and CEO Michael Huerta, referring to the company that rents solar installations to single-family homeowners. “PearlX is a rental electrification platform.” Earlier this year, the startup began installing solar panels and backup batteries at multifamily rentals in Texas as part of its “TexFlex” project. PearlX’s next step, which Huerta shared exclusively with TechCrunch, will be a California expansion called “Flexifornia.” The startup is also rolling out a virtual power plant, which will allow the company to tap the...
Post a Comment
Read more