Bengaluru: Techie hacks IndiGo website to find lost baggage; Airline issues apology

Bengaluru: A techie from Bengaluru hacked the IndiGo airline website to find his missing luggage by finding a technical vulnerability in the airline’s system.

Nandan Kumar, a software engineer who was traveling from Patna to Bengaluru on an IndiGo flight shared his story on Twitter.

In a series of tweets, Nandan said that he accidentally exchanged his bag with another passenger and contacted IndiGO customer care but they failed to resolve the issue.

“So long story short I couldn’t get any resolution on the issue. And neither your customer care team was ready to provide me the contact details of the person citing privacy and data protection,” he said.

The next morning, he decided to try and find his lost luggage by hacking into IndiGo’s official website.

He wrote, “After all the failed attempts, my developer instinct kicked in and I pressed the F12 button on my computer keyboard and opened the developer console on the IndiGo website and started the whole checking flow with network log record on.”

“And there in one of the network responses was the phone number and email IDof my co-passenger. I made note of the details and decided to call the person and try to get the bags swapped. We decided to meet at a Center point and got our bags swapped,” he added.

Nandan then listed the loopholes on the airlines’ official website and asked them to resolve the issue to safeguard customer’s privacy.

“Dear, IndiGo take note 1. Fix your IVR and make it more user-friendly 2. Make your customer service more proactive than reactive 3. Your website leaks sensitive data get it fixed,” he said.

IndiGo apologized for the inconvenience caused and said that at “no point was the IndiGo website compromised.”