Akasa Air, which started operations less than a month ago, suffered a data breach resulting in certain customer information being accessed by unauthorised individuals.
The airline on Sunday, 28 August, apologised for the data breach and said the incident has been "self-reported" to the nodal agency, the Indian Computer Emergency Response Team (CERT-In).
Akasa Air also said that based on its records, there was "no intentional hacking attempt" but has advised users to be conscious of possible phishing attempts.
In a communication posted on its website, the airline said a temporary technical configuration error related to its login and sign-up service was reported on 25 August.
"As a result, some Akasa Air registered user information limited to names, gender, e-mail addresses and phone numbers may have been viewed by unauthorised individuals.
"We can confirm to you that aside from the above details, no travel-related information, travel records or payment information was compromised," it said.
On being made aware of the incident, Akasa Air said it immediately stopped this unauthorised access by completely shutting down the associated functional elements of its system.
Subsequently, having added additional controls to address this situation, we have resumed our login and sign-up, the communication said.
"We would like to clarify that basis our records there was no intentional hacking attempt, but that the situation was reported by a research expert through a journalist for which we are grateful," Akasa Air's Co-Founder and Chief Information Officer Anand Srinivasan said in a statement.
He also said the information was proactively shared with customers who could have been potentially impacted.
‘Protection of Customer Information Is Paramount’: CIO Anand Srinivasan
Specific details about the incident could not be immediately ascertained. The system security and protection of customer information is paramount at the airline, Srinivasan said.
"While extensive protocols are in place to prevent incidents of such nature, we have undertaken additional measures to ensure that the security of all our systems is even further enhanced," he said in the statement.
Akasa Air also said the system security and protection of customer information is paramount. "We sincerely apologise to you for any inconvenience caused as a result of this," it added.
Akasa Air, the first Indian carrier to be launched in nearly a decade, operated its inaugural flight on 7 August from Mumbai to Ahmedabad. Billionarie Rakesh Jhunjhunwala, who passed away earlier this month, had made substantial investment in the airline.
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)