Bengaluru man hacks IndiGo’s website to find his lost luggage. Airline responds
[ad_1]
The wait one has to endure while collecting their luggage from the conveyer belt after a flight is extremely time-consuming and frustrating. But the situation worsens when one simply can’t locate their luggage after a long time of waiting.
A similar thing happened with Nandan Kumar, a software engineer travelling from Patna to Bangalore on an IndiGo flight. Kumar’s luggage was mistakenly picked up by a co-passenger and the incident snowballed into a larger scenario that prompted Kumar to use his developer skills for good.
Kumar shared his story of retrieving his luggage and simultaneously pointed out the flaws in the security of the IndiGo website.
“So, I travelled from PAT – BLR from indigo 6E-185 yesterday. And my bag got exchanged with another passenger. Honest mistake from both our ends. As the bags were exactly the same with some minor differences,” Kumar wrote in the tweet.
He then went on to specify that he called the customer care number and followed all protocols to locate his lost luggage.
I realised it only after I reached home when my wife pointed out that the bag seems to be a different from ours as we don’t use key based locks in our bags.
PS: We have too much faith in airline staff
So right after reaching home I called your customer care. 3/n— Nandan kumar (@_sirius93_) March 28, 2022
Now, the story gets interesting. “Long story short I couldn’t get any resolution on the issue. And neither your customer care team was ready to provide me with the contact details of the person, citing privacy and data protection,” Kumar mentioned. However, he didn’t receive any call from any customer care agent even the next day.
After the call did not work, the agent assured me that they will call me back when they are able to reach the other person. (I am still waiting for that call ) 6/n pic.twitter.com/uy7tkqWUO7
— Nandan kumar (@_sirius93_) March 28, 2022
After many failed attempts at trying to locate the co-passenger, Kumar decided to pull out the big guns. “After all the failed attempts, my dev instinct kicked in and I pressed the F12 button on my computer keyboard and opened the developer console on the @IndiGo6E website and started the whole check-in flow with network log record on,” he wrote.
For all the non-techie readers, when you press F12, it opens a set of developer tools. It helps engineers look at requests and responses sent and received to and from a website server.
So now, after all the failed attempts, my dev instinct kicked in and I pressed the F12 button on my computer keyboard and opened the developer console on the @IndiGo6E website and started the whole checkin flow with network log record on.
9/n— Nandan kumar (@_sirius93_) March 28, 2022
Kumar successfully located the co-passenger and exchanged his bag. He also shared a list of security flaws addressing IndiGo to look into them.
Dear,@IndiGo6E take note
1. Fix your IVR and make it more user friendly
2. Make your customer service more proactive than reactive
3. Your website leaks sensitive data get it fixed.— Nandan kumar (@_sirius93_) March 28, 2022
IndiGo responded with a note claiming that they were sorry for the inconvenience caused and assured that the website had no security lapses.
— IndiGo (@IndiGo6E) March 29, 2022
The tweet thread has amassed over 5,000 likes and many reactions. People totally supported Kumar and shared their experiences with the airline.
Are any Indian airlines compliant by GDPR ? You can very well sue Indigo in this instance of private data leak.
— Virender Jamnal (@virendersj) March 28, 2022
In my career of 15 years in aviation this is surely the most amazing and epic way a passenger has resolved his query on his own. I shall surely contact you in the future if i ever need any specific info. Hats off
— Siddharth Agarwal (@discoversidd) March 28, 2022
Interesting. Moral of the story..Always check label tag before putting off the belt. Even if the bag looks exactly like yours (with a ribbon on the handle). Everyone can’t hack!!
— Usha (@upratap09) March 29, 2022
What are your thoughts on this ‘hacker for a cause’ story?
[ad_2]
Source link