Data breach in Air India Caused Exposure of 4.5 Million Passengers Personal Information

Data breach in Air India
Share It On:

26th May 2021, Kathmandu

Data Breach on SITA passenger system service of Air India compromised the personal data of 4.5 million passengers. A decade worth of data was accessed by the attackers.

Data breach basically exploits confidential personal information either intentionally or by accident. Highly protected information was breached, such as social security numbers, banking account details, personal health information, email or passwords, and so on.

People fear air travel during pandemics. They want hassle-free travel, but cyberattacks like data breaches on aviation have become a challenge for many airlines. With personal data at stake, travelers are hesitating about sharing personal data. They are becoming more cautious and skeptical. Airlines are at a loss because of heightened security breaches. Cyber-criminals are more active and sophisticated during this pandemic.

In February 2021, Air India disclosed that they experienced a complex data breach. This breach affected 4.5 million passengers globally. SITA Passenger Service system (SITA PSS) is the data management service provider of Air India. Unknown threat actors hacked this system. SITA PSS is responsible for personal information storing and processing.

Air India said the affected data subject was only provided by the data processor on March 25 and April 05, 2021, even though the notification about the attack was received on February 25, 2021.

SITA implemented many services, for instance: an online booking engine, a departure control system, check-in, automated boarding control, a baggage reconciliation system, and the frequent flyer program.

A Decade Worth of Passenger Data

Data breach affected the passengers registered from August 26, 2011, to February 3, 2021. The attackers accessed decade’s worth of personal information. Passenger data including names, passport, credit card details, birth dates, contact information, passport information, ticket information, and Air India’s frequent flyer data from the SITA’s systems. The unexposed data was only CVV/CVC numbers. SITA took action and contacted affected SITA PSS customers and all its organization immediately after they realized the seriousness of the attack.

Measures Taken after the Data Breach by Air India:

  •   Data security incident investigation
  • Secured Compromised servers
  • Engaging external specialists
  • Notifying credit card issuers and liaising
  • Password reset of Air India FFP program

There’s no sign of misuse of the leaked information but still requested passengers to reset their passwords.

Multiple Airlines Affected

SITA revealed about the attack in February. The consequences of the cyberattack exposed recently. SITA has been providing airline services globally and also to government agencies. This attack also affected Star Alliance and One World airlines. Other popular airlines too affected, like Finnair, Japan Airlines, Jeju Air, Lufthansa, Air New Zealand, Malaysia Airlines, Cathay Pacific, and Singapore Airlines.

Things Affected Flyers Need To Do

Update all account passwords immediately if you have booked a flight between August 26, 2011, and February 3, 2021, from Air India. Use precautionary measures and check all the account transactions now and then. If any doubtful transaction has occurred, report it to the bank as soon as possible. Cybercriminals leverage leaked data to target users through phishing emails. There is a possibility that you receive phishing emails through various unknown resources, so don’t click on suspicious links.


Share It On:

Recent Posts

Citizens Bank 11.11 Deals: Exclusive Discounts on Daraz

Citizens Bank 11.11 Deals: Exclusive Discounts on Daraz

Share It On:5th November 2024, Kathmandu Citizens Bank International Limited signed an agreement with Nepal’s leading online marketplace, Daraz, to

Local Talent Shines in Cybersecurity: Bipu Ojha and Tuan Khuat Win CDU IT CodeFair CTF

Local Talent Shines in Cybersecurity: Bipu Ojha and Tuan Khuat

Share It On:5th November 2024, Kathmandu Bipu Ojha and his teammate Tuan Khuat have emerged as winners in the prestigious

CEDB Hydropower’s Extraordinary General Meeting Concluded: Five Directors Elected

CEDB Hydropower’s Extraordinary General Meeting Concluded: Five Directors Elected

Share It On: 5th November 2024, Kathmandu CEDB Hydropower Development Company Limited has successfully concluded its extraordinary general meeting. CEDB

Government’s Journalist Accident Insurance Program: Apply Now For Your Protection

Government’s Journalist Accident Insurance Program: Apply Now For Your Protection

Share It On: 5th November, Kathmandu The Department of Information and Broadcasting has announced the launch of a new insurance

Nepal Life’s Property Acquisition in Hetauda: A Strategic Move For Growth

Nepal Life’s Property Acquisition in Hetauda: A Strategic Move For

Share It On:5th November, Kathmandu Nepal Life Insurance, a leading life insurance company in Nepal, has recently expanded its footprint

Global IME Dividend Announcement: Key Book Closure Date Revealed

Global IME Dividend Announcement: Key Book Closure Date Revealed

Share It On:5th November 2024, Kathmandu Global IME Bank has good news for its shareholders! The bank has announced a