4.5 million passengers hit in massive cyber-attack on Air India
In a massive data breach on national carrier Air India, details of around 4.5 million passengers have been compromised including passport and credit card information, Air India said in a statement late on Friday.
In a personal communication to those whose details were stolen, the airline said, “As part of our commitment, we would like to inform you that SITA PSS, our data processor of the passenger service system, recently notified Air India of a data security breach involving personal data of certain passengers, including yours.” The identity of the affected passengers, the message said, was provided by the data processor to Air India on March 25 and April 5, 2021.
“We hereby address to you a personal communication of this data security incident. The breach involved some personal data registered between 26th August 2011 and 20th February 2021 with details that included name, date of birth, contact information, passport information, ticket information, frequent flyer data and also credit cards data,” it said.
Air India’s passenger service system provider SITA based out of Geneva in Switzerland faced a sophisticated cyber-attack in February leading to leak of personal data of a certain number of the national carrier’s passengers.
Air India said it is in touch with various regulatory agencies in India and abroad, and has apprised them about the incident in accordance with its obligations.
The airline said it has taken the following steps after the data security incident: Secured the compromised servers, engaged external specialists of data security incidents, notified and is in talks with the credit card issuers and reset the passwords of Air India frequent flyer programmes.