{"id":339492,"date":"2022-08-30T08:47:26","date_gmt":"2022-08-30T10:47:26","guid":{"rendered":"https:\/\/teknomers.com\/fr\/akasa-air-la-plus-recente-compagnie-aerienne-indienne-a-divulgue-les-informations-personnelles-de-ses-passagers\/"},"modified":"2022-08-30T08:47:27","modified_gmt":"2022-08-30T10:47:27","slug":"akasa-air-la-plus-recente-compagnie-aerienne-indienne-a-divulgue-les-informations-personnelles-de-ses-passagers","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/akasa-air-la-plus-recente-compagnie-aerienne-indienne-a-divulgue-les-informations-personnelles-de-ses-passagers\/","title":{"rendered":"Akasa Air, la plus r\u00e9cente compagnie a\u00e9rienne indienne, a divulgu\u00e9 les informations personnelles de ses passagers"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both\"><\/div>\n<p>Akasa Air, la toute nouvelle compagnie a\u00e9rienne commerciale indienne, a expos\u00e9 les donn\u00e9es personnelles de ses clients que l&#8217;entreprise a imput\u00e9es \u00e0 une erreur de configuration technique.<\/p>\n<p>Selon un chercheur en s\u00e9curit\u00e9 <a rel=\"nofollow noopener\" href=\"https:\/\/in.linkedin.com\/in\/ashutoshbarot\" target=\"_blank\">Ashutosh Barot<\/a>le probl\u00e8me est enracin\u00e9 dans le processus d&#8217;enregistrement du compte, ce qui entra\u00eene l&#8217;exposition de d\u00e9tails tels que les noms, le sexe, les adresses e-mail et les num\u00e9ros de t\u00e9l\u00e9phone.<\/p>\n<p>Le bogue a \u00e9t\u00e9 identifi\u00e9 le 7 ao\u00fbt 2022, le jour m\u00eame o\u00f9 la compagnie a\u00e9rienne \u00e0 bas prix a commenc\u00e9 ses op\u00e9rations dans le pays.<\/p>\n<div class=\"ad_two clear\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/strike-d\" target=\"_blank\" title=\"DevOps backupy\"><img decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" loading=\"lazy\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/08\/La-nouvelle-vulnerabilite-Amazon-Ring-aurait-pu-exposer-tous-vos.png\" width=\"300\" height=\"250\" \/><\/a><\/div>\n<p>&#8220;J&#8217;ai trouv\u00e9 une requ\u00eate HTTP qui donnait mon nom, mon email, mon num\u00e9ro de t\u00e9l\u00e9phone, mon sexe, etc. au format JSON&#8221;, Borot <a rel=\"nofollow noopener\" href=\"https:\/\/cyberworldmirror.com\/how-i-ethically-hacked-an-airline-on-its-inaugural-day-akasa-air\/\" target=\"_blank\">a dit<\/a> dans un \u00e9crit.  &#8220;J&#8217;ai imm\u00e9diatement chang\u00e9 certains param\u00e8tres dans [the] demande et j&#8217;ai pu voir les PII d&#8217;autres utilisateurs.  Il a fallu environ 30 minutes pour trouver ce probl\u00e8me.&#8221;<\/p>\n<div class=\"separator\" style=\"clear: both\"><img decoding=\"async\" alt=\"La compagnie a\u00e9rienne Akasa Air subit une violation de donn\u00e9es\" border=\"0\" data-original-height=\"411\" data-original-width=\"728\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/08\/1661856445_141_Akasa-Air-la-plus-recente-compagnie-aerienne-indienne-a-divulgue.jpg\" title=\"La compagnie a\u00e9rienne Akasa Air subit une violation de donn\u00e9es\" \/><\/div>\n<p>D\u00e8s r\u00e9ception du rapport, la soci\u00e9t\u00e9 <a rel=\"nofollow noopener\" href=\"https:\/\/www.akasaair.com\/en\/news-room\/akasa-press-releases\/important-update-from-akasa-air\" target=\"_blank\">a dit<\/a> il a temporairement ferm\u00e9 certaines parties de son syst\u00e8me pour incorporer des garde-corps de s\u00e9curit\u00e9 suppl\u00e9mentaires.  Il a \u00e9galement signal\u00e9 l&#8217;incident \u00e0 l&#8217;\u00e9quipe indienne d&#8217;intervention d&#8217;urgence informatique (CERT-In).<\/p>\n<div class=\"ad_two clear\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/crowd-mid-d\" target=\"_blank\" title=\"CyberSecurity\"><img decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" loading=\"lazy\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/08\/Google-Cloud-bloque-une-attaque-DDoS-record-de-46-millions.png\" width=\"728\" height=\"90\" \/><\/a><\/div>\n<p>Akasa Air a soulign\u00e9 qu&#8217;aucune information li\u00e9e au voyage ou aucun d\u00e9tail de paiement n&#8217;a \u00e9t\u00e9 laiss\u00e9 accessible et qu&#8217;il n&#8217;y a aucune preuve que le probl\u00e8me a \u00e9t\u00e9 exploit\u00e9 dans la nature.<\/p>\n<p>La compagnie a\u00e9rienne a en outre d\u00e9clar\u00e9 avoir directement inform\u00e9 les utilisateurs concern\u00e9s de l&#8217;incident, bien que l&#8217;ampleur de la fuite reste incertaine, ajoutant qu&#8217;elle &#8220;a conseill\u00e9 aux utilisateurs d&#8217;\u00eatre conscients des \u00e9ventuelles tentatives de phishing&#8221;.<\/p>\n<p><\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2022\/08\/indias-newest-airline-akasa-air-suffers.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Akasa Air, la toute nouvelle compagnie a\u00e9rienne commerciale indienne, a expos\u00e9 les donn\u00e9es personnelles de ses clients que l&#8217;entreprise a imput\u00e9es \u00e0 une erreur de configuration technique. Selon un chercheur en s\u00e9curit\u00e9 Ashutosh Barotle probl\u00e8me est enracin\u00e9 dans le processus d&#8217;enregistrement du compte, ce qui entra\u00eene l&#8217;exposition de d\u00e9tails tels que les noms, le sexe, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":339493,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[2240,4202,104534,4168,782,4158,4165,4161,6905,39687,492,4157,4159,4171,4170,65,4167,4160,4163,4162,4662,13721,27730,4172,4169,269,4166,4164],"class_list":["post-339492","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-aerienne","tag-air","tag-akasa","tag-comment-pirater","tag-compagnie","tag-cyber-actualites","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-divulgue","tag-indienne","tag-informations","tag-lactualite-de-la-cybersecurite","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-la-securite-des-informations","tag-les","tag-logiciel-malveillant-de-ransomware","tag-mises-a-jour-de-la-cybersecurite","tag-nouvelles-de-piratage","tag-nouvelles-de-pirates","tag-passagers","tag-personnelles","tag-recente","tag-securite-informatique","tag-securite-internet","tag-ses","tag-violation-de-donnees","tag-vulnerabilite-logicielle"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/339492","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=339492"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/339492\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/339493"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=339492"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=339492"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=339492"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}