Air India's data breached in major cyber attack; credit card details of 45 lakh passengers leaked

45 Lakh user data was compromised in a major cyberattack targeting global airlines such as Air India. The data includes credit card details. The list of affected airlines includes Malaysia Airlines, Finnair, Singapore Airlines, Lufthansa, and Cathay Pacific. Credit card data are affected, CVV or CVC numbers are not stored on the affected server, Air India clarified.

The March 19 notice relates to a privacy breach warning issued by Air India in which the airline stated that its passenger service system had been exposed to an extensive cyberattack. The national airline confirmed that no unauthorized activities were found within the PSS infrastructure.

National airline Air India suffered a major cyberattack in which passengers' personal information, including passport, contact details, ticket information, and credit card details was stolen. This incident affected around 4,500,000 people worldwide, the airline said, adding that the breach affected data between August 2011 and February 2021.

 

"The breach involved personal information recorded between August 26, 2011 and February 3, 2021, with details such as name, date of birth, contact information, passport information, ticket information, Star Alliance" and frequent flyer information from Air India (but the password information was not affected) as well as credit card details, according to a statement from Air India. In a statement to the passengers concerned, Air India announced that their SITA PSS server, which is responsible for storing and processing travelers' personal data, was the target of a cybersecurity attack.

 

The identity of the data subject was only communicated by our processor on March 25, 2021 and April 5, 2020.2021 “, clarified the national airline. The resulting data breach involved personal data that was registered between August 26, 2011 and February 20, 2021. 

Details such as name, date of birth, contact information, passport details, ticket information, frequent flyer information from Star Alliance and Air India, and credit card information was leaked in this attack.

Air India’s clarification  

In its statement, Air India said: “Although we received the first notification of this from our processor on February 25, 2021, we would like to make it clear that the identity of the data subjects has only been disclosed to us by our processor on 3/25/2021 and 5/4/2021, "he added. SITA first announced the cyberattack in March. Passengers were subsequently informed by several airlines, including Singapore Airlines and Malaysia Airlines, that some of their data had been leaked.

What actions are being taken?

Air India has informed it has launched an investigation into the matter. Besides, the carrier claims to have taken measures including "securing the compromised servers, engaging external specialists of data security incidents, contacting credit card issuers and resetting passwords of its frequent flyer program."

What can the affected passengers do?

Although Air India has assured its passengers that there is no evidence of “misuse” of the data that was breached, the airline has asked passengers to change their passwords after the breach in order to ensure the security of their confidential data. In an official statement to the affected passengers, Air India said, “For more information, you can contact on email id aidata.helpdesk@airindia.in, or call on 01242641415 or visit the website www.airindia.in.”