RedBus confirms hack, says no sign of user passwords being stolen yet

Online travel giant ibibo Group-owned ticketing platform RedBus on Tuesday confirmed that it had been subject to a cyber attack that might have exposed the email addresses of some of its customers.

RedBus which was alerted of the hack on Monday via a post on Reddit says it has engaged security consultants to assess the magnitude of the attack, but had so far not found any evidence of user passwords being leaked.
“While not being fully conclusive, our initial investigations suggest that a server storing logs may have been compromised, which contained some email addresses. We have not discovered any loss of password information at this time,” said RedBus in a blog post.
The firm says that passwords are hashed and stored behind firewalls while the server which was hacked has now been moved to a private network to boost security. RedBus has asked customers to reset their passwords as a precaution.
Earlier in the day, a person on the Reddit thread claiming to be an engineer at RedBus said that the company was working with ethical hackers to ascertain if there was a data breach. 
Indian technology companies are increasingly becoming the targets of cyber attacks with music streaming site, food-tech startup InnerChef becoming victims of data leaks in recent past. Vulnerabilities have also been found in systems of Ola and Zomato which were exposed by ethical hackers who have alerted companies.
In 2015, ethical hacker Shubham Paramhans who hacked Ola claimed that the company responded rudely when he reached out to them. He went on to write a post on Medium about his conquest which gained significant prominence in the media. Following this, Ola formally announced its bug bounty programme that would reward people for finding vulnerabilities in its service.
All large global technology companies have bug bounty programs with Google and Facebook being among the largest. Indian tech firms too are following in their footsteps these days, tapping into communities of ethical hackers in order to avoid data breaches. 

Business Standard is now on Telegram.
For insightful reports and views on business, markets, politics and other issues, subscribe to our official Telegram channel