Data breach in Air India Caused Exposure of 4.5 Million Passengers Personal Information

Data breach in Air India
Share It On:

26th May 2021, Kathmandu

Data Breach on SITA passenger system service of Air India compromised the personal data of 4.5 million passengers. A decade worth of data was accessed by the attackers.

Data breach basically exploits confidential personal information either intentionally or by accident. Highly protected information was breached, such as social security numbers, banking account details, personal health information, email or passwords, and so on.

People fear air travel during pandemics. They want hassle-free travel, but cyberattacks like data breaches on aviation have become a challenge for many airlines. With personal data at stake, travelers are hesitating about sharing personal data. They are becoming more cautious and skeptical. Airlines are at a loss because of heightened security breaches. Cyber-criminals are more active and sophisticated during this pandemic.

In February 2021, Air India disclosed that they experienced a complex data breach. This breach affected 4.5 million passengers globally. SITA Passenger Service system (SITA PSS) is the data management service provider of Air India. Unknown threat actors hacked this system. SITA PSS is responsible for personal information storing and processing.

Air India said the affected data subject was only provided by the data processor on March 25 and April 05, 2021, even though the notification about the attack was received on February 25, 2021.

SITA implemented many services, for instance: an online booking engine, a departure control system, check-in, automated boarding control, a baggage reconciliation system, and the frequent flyer program.

A Decade Worth of Passenger Data

Data breach affected the passengers registered from August 26, 2011, to February 3, 2021. The attackers accessed decade’s worth of personal information. Passenger data including names, passport, credit card details, birth dates, contact information, passport information, ticket information, and Air India’s frequent flyer data from the SITA’s systems. The unexposed data was only CVV/CVC numbers. SITA took action and contacted affected SITA PSS customers and all its organization immediately after they realized the seriousness of the attack.

Measures Taken after the Data Breach by Air India:

  •   Data security incident investigation
  • Secured Compromised servers
  • Engaging external specialists
  • Notifying credit card issuers and liaising
  • Password reset of Air India FFP program

There’s no sign of misuse of the leaked information but still requested passengers to reset their passwords.

Multiple Airlines Affected

SITA revealed about the attack in February. The consequences of the cyberattack exposed recently. SITA has been providing airline services globally and also to government agencies. This attack also affected Star Alliance and One World airlines. Other popular airlines too affected, like Finnair, Japan Airlines, Jeju Air, Lufthansa, Air New Zealand, Malaysia Airlines, Cathay Pacific, and Singapore Airlines.

Things Affected Flyers Need To Do

Update all account passwords immediately if you have booked a flight between August 26, 2011, and February 3, 2021, from Air India. Use precautionary measures and check all the account transactions now and then. If any doubtful transaction has occurred, report it to the bank as soon as possible. Cybercriminals leverage leaked data to target users through phishing emails. There is a possibility that you receive phishing emails through various unknown resources, so don’t click on suspicious links.


Share It On:

Recent Posts

Bangladesh Tightens Solvency Margin Calculations to Improve Insurance Sector Transparency

Bangladesh Tightens Solvency Margin Calculations to Improve Insurance Sector Transparency

Share It On: 23rd November 2024, Kahmandu Bangladesh’s insurance regulator has implemented stricter guidelines for calculating solvency margins for both

NRB’s NPR 6.8 Billion Investment: Strengthening Nepal’s Financial Future and Banking Stability

NRB’s NPR 6.8 Billion Investment: Strengthening Nepal’s Financial Future and

Share It On:23rd November 2024, Kathmandu Nepal’s Central Bank, Nepal Rastra Bank (NRB), has announced a significant investment of NPR

Nepal’s ADB Prioritizes Farmers’ Welfare for Economic Growth and Agricultural Development

Nepal’s ADB Prioritizes Farmers’ Welfare for Economic Growth and Agricultural

Share It On: 23rd November 2024, Kathmandu The Agricultural Development Bank (ADB) is recognized as a vital institution for Nepal’s

Ridi Power’s 23rd AGM Concludes: Key Decisions, Investments, and Future Outlook

Ridi Power’s 23rd AGM Concludes: Key Decisions, Investments, and Future

Share It On: 23rd November 2024, Kathmandu Ridi Power Company Limited wrapped up its annual shareholder meeting, the 23rd Annual

Nepal Oman Financial Ties Strengthen: Omani Rial Now Legal Tender In Nepal

Nepal Oman Financial Ties Strengthen: Omani Rial Now Legal Tender

Share It On: 22nd November 2024, Kathmandu A significant step has been taken towards strengthening financial ties between Nepal and

Liberty Energy Rights Shares Offering: Eligibility, Application Process, and Future Plans

Liberty Energy Rights Shares Offering: Eligibility, Application Process, and Future

Share It On:22nd November 2024, Kathmandu Liberty Energy Company Limited is gearing up to issue rights shares starting December 1,