India

Tata group hospitality company Indian Hotels Company Ltd has said that it is investigating claims of a data breach, but asserted there is no suggestion of any current or ongoing security issue.

According to a report in TheIndianSubcontinent, personal details of about 1.5 million people may have been compromised in a data breach at the Tata-owned TajHotels group earlier this month.Indian Hotels Company Ltd (IHCL) runs a number of hospitality properties under the Taj, SeleQtions, Vivanta, and Ginger, among others.

Indian Computer Emergency Response Team (CERT-In), the official cybersecurity agency, too is said to be aware of the breach.What IHCL said"We have been made aware of someone claiming possession of a limited customer data set which is of non-sensitive nature," Indian Hotels Company Ltd (IHCL) spokesperson said in a statement.

Asserting that safety and security of customers' data is of paramount importance to the company, the spokesperson said, "We are investigating this claim and have notified the relevant authorities."The spokesperson further said, "We continue to monitor our systems and there is no suggestion of any current or ongoing security issue or impact on business operations."What is the ransom soughtA threat actor going by the name ‘Dnacookies’ has demanded $5,000 for the full dataset, which includes addresses, membership IDs, mobile numbers and other personally identifiable information (PII), according to people aware of the matter.

The customer data is from 2014 to 2020.We reviewed the breach post published on November 5 on the black hat hacking cybercrime marketplace BreachForums, where the threat actor provided a sample containing 1,000 rows of unique entries.Conditions laid down by the hackersAccording to the report, the hackers have set three conditions for any deal:* A negotiator is required to reach a consensus and the person should be an administrator on the forum.* No splitting of data will be allowed; it’s all or nothing.* No additional samples (of data) will be provided.Government fine for data breachesThe Digital Personal Data Protection (DPDP) Act recommends a penalty of up to Rs 250 crore on businesses (data fiduciaries) per instance of data breach and a maximum penalty of Rs 500 crore for all such breaches.





Unlimited Portal Access + Monthly Magazine - 12 issues-Publication from Jan 2021


Buy Our Merchandise (Peace Series)

 


Contribute US to Start Broadcasting



It's Voluntary! Take care of your Family, Friends and People around You First and later think about us. Its Fine if you dont wish to contribute and if you wish to contribute then think about the Homeless first and Feed them. We can survive with your wishes too :-). You can Buy our Merchandise too which are of the finest quality.

Debit/Credit/UPI

UPI/Debit/Credit

Paytm


STRIPE





53