IndiGo responds after techie hacks website to retrieve lost luggage : The Tribune India

Tribune Web Desk

Chandigarh, March 31

The IndiGo Airlines has responded to the tweet threads of Nandan Kumar, a software engineer who went viral on Wednesday for hacking the airlines’ website and taking advantage of its technical vulnerability to retrieve his lost-luggage swapped mistakenly with a co-passenger.

The airlines issued a statement saying that their data privacy policy restricted them from sharing any passenger’s information. However, they also claimed that their IT processes were completely robust and at no point was their website compromised.

pic.twitter.com/GnnGKypGGJ

— IndiGo (@IndiGo6E) March 29, 2022

The airlines also thanked Kumar for his feedback and promised a review.

Kumar took the matter into his own hands and used his developer instincts to resolve the issue.

He had his low-key hacker moment when he could open the developer console on IndiGo’s website and track the log of his co-passengers details.

Hey @IndiGo6E ,
Want to hear a story? And at the end of it I will tell you hole (technical vulnerability )in your system? #dev #bug #bugbounty 😝😝 1/n

— Nandan kumar (@_sirius93_) March 28, 2022

As promised in the beginning of the thread, he also shared some suggestions for the airlines. He asked them to make their customer service more proactive than reactive.

Also Read: Bengaluru software engineer hacks IndiGo’s website to retrieve his lost luggage, netizens call it an epic way to get query resolved

And since it was against their norms to share the phone number of his co-passenger with him that could have made the whole incident easier, he took a dig and said, “Your website leaks sensitive data, get it checked.”