Chennai: A cyber-attack on the servers of national carrier Air India resulted in a massive data breach on Friday and affected around 4.5 million customers of the airline.
Details, including passport and credit card information of these passengers, were compromised in the attack, Air India said in a statement.
This leaked data includes credit card details — but according to Air India not the CVV or CVC number — as well personal details like date of birth.
Air India says that it is sending an email to affected consumers. The company says that it is also investigating the whole incident, the hacker attack as well as data breach, further.
Names, date of birth, contact information and ticket information have also been compromised in the ‘highly sophisticated’ attack that targeted Geneva-based passenger system operator SITA that serves the Star Alliance of airlines including Singapore Airlines, Lufthansa and United besides Air India.
“SITA PSS our data processor of the passenger service system (which is responsible for storing and processing of personal information of the passengers) had recently been subjected to a cybersecurity attack leading to personal data leak of certain passengers. This incident affected around 4,500,000 data subjects in the world,” Air India said in an email to customers.
“While we had received the first notification in this regard from our data processor on 25.02.2021, we would like to clarify that the identity of the affected data subjects was only provided to us by our data processor on 25.03.2021 and 5.04.2021,” it added.
“The breach involved personal data registered between 26th August 2011 and 3rd February 2021, with details that included name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data (but no passwords data were affected) as well as credit cards data. However, in respect of this last type of data, CVV/CVC numbers are not held by our data processor,” Air India said.
The leak of Air India data is one more high-profile data breach that has taken place in India this year. Earlier, there was some data belonging to Airtel users that was floating on the web. Then There was a data leak from Big Basket, something that also reportedly affected some Flipkart users because the passwords and IDs were kept common by users.
For more information, you can contact on email id [email protected], or call on 01242641415 or visit the website www.airindia.in, Air India said in its communique to the affected passengers.
Currently, other than special flights under the ‘Vande Bharat’ mission, Air India is only operating domestic flights as international travel remains suspended owing to the coronavirus disease (Covid-19) pandemic.
