Air India data breach: Personal info of flyers leaked after cyber attack on its passenger server.

Hackers infiltrated the servers of Air India Ltd. and gained access to personal data of 4.5 million fliers, the nation’s flag carrier said.


Personal data — including name, date of birth, contact information, passport information, ticket information and credit card data — which was registered between 11 August, 2011, and 3 February, 2021, has been leaked of a certain number of Air India's passengers, the statement issued by the airline said.



The breach raises fresh concerns after allegations earlier this year that Chinese intrusions may have affected operations at a key stock exchange and disrupted power supply in Mumbai, the country’s commercial hub. Cyber-attacks have become a growing threat in recent months with hacker groups targeting research institutions in Japan to American government agencies, businesses and health facilities.


“This is to inform that SITA PSS our data processor of the passenger service system (which is responsible for storing and processing of personal information of the passengers) had recently been subjected to a cybersecurity attack leading to personal data leak of certain passengers. This incident affected around 4,500,000 data subjects in the world,” Air India noted in an official statement released on Friday.

Air India data breach explained:


The cybersecurity breach involved personal data registered with the airline between August 26, 2011 and February 3, 2021. The exposed data of passengers include name, date of birth, contact information, passport information, ticket information and credit cards details. Air India clarified that CVV/CVC data of the credit card holders were not stored in the company’s database.


"Air India would like to inform its valued customers that its passenger service system provider has informed about a sophisticated cyber attack it was subjected to in the last week of February 2021," the airline said.


While the level and scope of sophistication is being ascertained through forensic analysis and the exercise is ongoing, SITA has confirmed that no unauthorised activity has been detected inside the system's infrastructure after the incident, it added.


However, with respect to credit cards' data, CVV/CVC numbers are not held by SITA, the airline clarified.


The airline said it has taken following steps after the data security incident: Secured the compromised servers, engaged external specialists of data security incidents, notified and in talk with the credit card issuers and reset the passwords of Air India frequent flyer programme.


Air India has requested all passengers to change the passwords to their account on the official Air India website as well as wherever else applicable.


India is mulling a new national strategy to strengthen the country’s cybersecurity.