A man from Bengaluru hacks IndiGo website to find his lost luggage. The airline responds


The wait one has to endure to retrieve one’s luggage from the conveyor belt after a flight is extremely time-consuming and frustrating. But the situation gets worse when you just can’t locate your luggage after a long wait.

A similar thing happened with Nandan Kumar, a software engineer traveling from Patna to Bangalore on an IndiGo flight. Kumar’s luggage was mistakenly picked up by a co-passenger and the incident snowballed into a larger storyline that prompted Kumar to use his developer skills for good.

Kumar shared his story of recovering his baggage and simultaneously pointed out the security flaws of the IndiGo website.

“So, I traveled from PAT – BLR to indigo 6E-185 yesterday. And my bag was swapped with another passenger. Honest mistake on both sides. As the bags were exactly the same with some minor differences,” Kumar wrote in the tweet.

He then clarified that he called the customer service number and followed all protocols to locate his lost luggage.

Now the story gets interesting. “Long story short, I couldn’t get a resolution to the issue. And neither was your customer service team ready to provide me with the person’s contact details, citing privacy and data protection,” said Kumar, however, he did not receive any call from a customer service agent even the next day.

After many failed attempts to locate the co-passenger, Kumar decided to pull out the big guns. “After all the failed attempts, my developer instinct kicked in and I pressed the F12 button on my computer keyboard and opened the dev console on the @IndiGo6E website and started the whole recording flow with network log logging,” he wrote.

For all non-techy readers, when you press F12 it opens a set of developer tools. It helps engineers examine requests and responses sent and received to and from a website server.

Kumar managed to locate the co-passenger and swapped his bag. He also shared a list of IndiGo security vulnerabilities to review.

IndiGo responded with a note saying they were sorry for the inconvenience and assured the website had no security vulnerabilities.

The tweet thread amassed over 5,000 likes and numerous reactions. People totally supported Kumar and shared their experiences with the airline.

What do you think of this story of “hacking for a cause”?

Source link


Comments are closed.