Yatra

In September 2013 the Indian travel booking platform Yatra experienced a significant security breach resulting in the exposure of approximately 5 million user records. The incident involved the leakage of sensitive personal information including email addresses and physical addresses along with phone numbers and plaintext passwords. This leak was particularly severe because the passwords were not hashed or encrypted making them immediately accessible to unauthorized parties. The data was discovered on several underground forums which put millions of travelers at risk of identity theft and account takeovers.