- Select a language for the TTS:
- UK English Female
- UK English Male
- US English Female
- US English Male
- Australian Female
- Australian Male
- Language selected: (auto detect) - EN
Play all audios:
On Monday, 28 March, Nandan Kumar, a software engineer from Bengaluru, wrote a series of tweets claiming to have discovered a "technical vulnerability" in IndiGo airline's
website, which "leaks sensitive data". After flying from Patna to Bengaluru he ended up going home with another passenger's bag, "Honest mistake from both our end. As the
bags are exactly the same with some minor differences." He contacted IndiGo to get his luggage back, but "couldn’t get any resolution" on the issue. The airline didn't
provide him with the contact details of the co-passenger who had his bag, citing privacy concerns. Kumar, armed with the co-passenger's PNR and last name, says he then opened the
developer console on the website and was able to retrieve the latter's phone number and email ID through a "hole" in the system.
