Data breach in Air India Caused Exposure of 4.5 Million Passengers Personal Information

Data breach in Air India
Share It On:

26th May 2021, Kathmandu

Data Breach on SITA passenger system service of Air India compromised the personal data of 4.5 million passengers. A decade worth of data was accessed by the attackers.

Data breach basically exploits confidential personal information either intentionally or by accident. Highly protected information was breached, such as social security numbers, banking account details, personal health information, email or passwords, and so on.

People fear air travel during pandemics. They want hassle-free travel, but cyberattacks like data breaches on aviation have become a challenge for many airlines. With personal data at stake, travelers are hesitating about sharing personal data. They are becoming more cautious and skeptical. Airlines are at a loss because of heightened security breaches. Cyber-criminals are more active and sophisticated during this pandemic.

In February 2021, Air India disclosed that they experienced a complex data breach. This breach affected 4.5 million passengers globally. SITA Passenger Service system (SITA PSS) is the data management service provider of Air India. Unknown threat actors hacked this system. SITA PSS is responsible for personal information storing and processing.

Air India said the affected data subject was only provided by the data processor on March 25 and April 05, 2021, even though the notification about the attack was received on February 25, 2021.

SITA implemented many services, for instance: an online booking engine, a departure control system, check-in, automated boarding control, a baggage reconciliation system, and the frequent flyer program.

A Decade Worth of Passenger Data

Data breach affected the passengers registered from August 26, 2011, to February 3, 2021. The attackers accessed decade’s worth of personal information. Passenger data including names, passport, credit card details, birth dates, contact information, passport information, ticket information, and Air India’s frequent flyer data from the SITA’s systems. The unexposed data was only CVV/CVC numbers. SITA took action and contacted affected SITA PSS customers and all its organization immediately after they realized the seriousness of the attack.

Measures Taken after the Data Breach by Air India:

  •   Data security incident investigation
  • Secured Compromised servers
  • Engaging external specialists
  • Notifying credit card issuers and liaising
  • Password reset of Air India FFP program

There’s no sign of misuse of the leaked information but still requested passengers to reset their passwords.

Multiple Airlines Affected

SITA revealed about the attack in February. The consequences of the cyberattack exposed recently. SITA has been providing airline services globally and also to government agencies. This attack also affected Star Alliance and One World airlines. Other popular airlines too affected, like Finnair, Japan Airlines, Jeju Air, Lufthansa, Air New Zealand, Malaysia Airlines, Cathay Pacific, and Singapore Airlines.

Things Affected Flyers Need To Do

Update all account passwords immediately if you have booked a flight between August 26, 2011, and February 3, 2021, from Air India. Use precautionary measures and check all the account transactions now and then. If any doubtful transaction has occurred, report it to the bank as soon as possible. Cybercriminals leverage leaked data to target users through phishing emails. There is a possibility that you receive phishing emails through various unknown resources, so don’t click on suspicious links.


Share It On:

Recent Posts

56 Companies Declare Dividends: NEPSE Dividend Update 2023/24 – Cash and Bonus Shares Breakdown

56 Companies Declare Dividends: NEPSE Dividend Update 2023/24 – Cash

Share It On:7th December 2024, Kathmandu  A total of 56 companies and mutual funds listed on the Nepal Stock Exchange

Samsung Unveils One UI 7: Redefining the Smartphone Experience with Powerful AI and Intuitive Design

Samsung Unveils One UI 7: Redefining the Smartphone Experience with

Share It On:7th December 2024, Kathmandu  Samsung Nepal announced the public release of the One UI 7 beta program, boasting

Sanima Bank’s 20th Anniversary Celebration: Community-Focused Blood Drive Promotes Health and CSR Initiatives

Sanima Bank’s 20th Anniversary Celebration: Community-Focused Blood Drive Promotes Health

Share It On:7th December 2024, Kathmandu Sanima Bank has jointly organized a blood donation program with Community Service Center-Naxal, Community

MAW Vriddhi Expands EV Presence in Birgunj: Launch of New Showroom and Exciting Test Drive Camp

MAW Vriddhi Expands EV Presence in Birgunj: Launch of New

Share It On:6th December 2024, Kathmandu MAW Vriddhi Motors Pvt. Ltd. the authorized importer of Dongfeng Nammi and Seres has

NIBL Invests in Nepal Hydropower Project: Supporting Electro Power’s 44 MW Green Energy Initiative

NIBL Invests in Nepal Hydropower Project: Supporting Electro Power’s 44

Share It On:6th December 2024, Kathmandu NIBL Equity Partners, a private equity firm focused on fostering sustainable businesses, has signed

Samsung TV 2024 Cashback Offer: Enjoy 4K Cricket Experience with Up to 31% Off

Samsung TV 2024 Cashback Offer: Enjoy 4K Cricket Experience with

Share It On:6th December 2024, Kathmandu With the historic first season of the Nepal Premiere League cricket commencing in full