The Hacker News Logo
Subscribe to Newsletter

Air India unit - Centaur Hotels website insecure - Passports, ID's, credit cards data at Risk

Air India unit - Centaur Hotels website insecure - Passports, ID's, credit cards data at Risk

Website of Centaur Hotel at IGI airport New Delhi -  http://centaurhotels.com/ used to upload customer data like  passport, pan card, credit card and other forms of personal identification of their guests staying at New Delhi IGI airport property, Data in an hidden indexed directory on the website as shown above.


The Centaur Hotels is a unit of the Hotel Corporation of India, which is a wholly owned subsidiary of India's national carrier Air India which in turn is 100% owned by the Government of India.


This Security failure is disclosed by Bangalore Aviation. Capt. Samarth Singh claimed the website was under the control of another company for the last year and was handed over him only one week ago. He said "The website has been under the direct control and jurisdiction of S. Naidu Pvt. Ltd. for the last one year. During this period Hybrid Content site credit has not been removed from the Centaur Hotel's website. Any further clarifications may be entertained in presence of all three parties i.e. Centaur Hotels, S. Naidu Pvt. Ltd. and Hybrid Content."


Some Documents from Site :




Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.