26th May 2021, Kathmandu
Data Breach on SITA passenger system service of Air India compromised the personal data of 4.5 million passengers. A decade worth of data was accessed by the attackers.
Data breach basically exploits confidential personal information either intentionally or by accident. Highly protected information was breached, such as social security numbers, banking account details, personal health information, email or passwords, and so on.
People fear air travel during pandemics. They want hassle-free travel, but cyberattacks like data breaches on aviation have become a challenge for many airlines. With personal data at stake, travelers are hesitating about sharing personal data. They are becoming more cautious and skeptical. Airlines are at a loss because of heightened security breaches. Cyber-criminals are more active and sophisticated during this pandemic.
In February 2021, Air India disclosed that they experienced a complex data breach. This breach affected 4.5 million passengers globally. SITA Passenger Service system (SITA PSS) is the data management service provider of Air India. Unknown threat actors hacked this system. SITA PSS is responsible for personal information storing and processing.
Air India said the affected data subject was only provided by the data processor on March 25 and April 05, 2021, even though the notification about the attack was received on February 25, 2021.
SITA implemented many services, for instance: an online booking engine, a departure control system, check-in, automated boarding control, a baggage reconciliation system, and the frequent flyer program.
A Decade Worth of Passenger Data
Data breach affected the passengers registered from August 26, 2011, to February 3, 2021. The attackers accessed decade’s worth of personal information. Passenger data including names, passport, credit card details, birth dates, contact information, passport information, ticket information, and Air India’s frequent flyer data from the SITA’s systems. The unexposed data was only CVV/CVC numbers. SITA took action and contacted affected SITA PSS customers and all its organization immediately after they realized the seriousness of the attack.
Measures Taken after the Data Breach by Air India:
- Data security incident investigation
- Secured Compromised servers
- Engaging external specialists
- Notifying credit card issuers and liaising
- Password reset of Air India FFP program
There’s no sign of misuse of the leaked information but still requested passengers to reset their passwords.
Multiple Airlines Affected
SITA revealed about the attack in February. The consequences of the cyberattack exposed recently. SITA has been providing airline services globally and also to government agencies. This attack also affected Star Alliance and One World airlines. Other popular airlines too affected, like Finnair, Japan Airlines, Jeju Air, Lufthansa, Air New Zealand, Malaysia Airlines, Cathay Pacific, and Singapore Airlines.
Things Affected Flyers Need To Do
Update all account passwords immediately if you have booked a flight between August 26, 2011, and February 3, 2021, from Air India. Use precautionary measures and check all the account transactions now and then. If any doubtful transaction has occurred, report it to the bank as soon as possible. Cybercriminals leverage leaked data to target users through phishing emails. There is a possibility that you receive phishing emails through various unknown resources, so don’t click on suspicious links.