The airline’s hack, compromising the data of more than 1.2 million passengers, including Indian government officials, was first reported by TechCrunch, which learned of the incident through an unnamed security researcher, who referred to his actions as ethical hacking.The individual “brute-forced” into the system by using an easily guessed password, and upon alerting SpiceJet never received a response, prompting the leak to TechCrunch, which says it reviewed the impacted database’s contents and won’t reveal the hacker’s identity for fear of violating U.S. computer hacking laws.
Source: SC Magazine