On 17th October, we were made aware of a report that suggested redBus has suffered a data breach affecting the email addresses of some of our customers.
Based on our initial investigations, we have not been able to conclusively establish this data breach. We suspect though that a server storing logs may have been compromised, which contained some email addresses. We have not discovered any loss of password information at this time. Further, all our customers’ passwords are hashed and stored securely behind firewalls. We do not store payment details on any of our systems.
Even this server has recently been moved to a private network to strengthen its security.
redBus is committed to the highest level of security for all user information on all platforms. We have engaged security consultants to investigate this incident further. Purely as a precautionary measure, we recommend that our users change their passwords on their redBus accounts. We are very sorry for the inconvenience caused.
– Team redBus
Originally published at blog.redbus.in on October 18, 2016.