Air India Reports Data Breach; 45 Lakh passengers data hacked

A cyberattack on the national airline Air India servers resulted in a massive data breach and affected around 45 Lakh customers of the airline; it reported on Friday (May 21). Leaked details, including passport and credit card information for these passengers, were compromised in the attack, Air India said in a statement.

"As part of our commitment, we would like to inform you that SITA PSS, our data processor of the passenger service system, recently notified Air India of a data security breach involving personal data of certain passengers, including yours," the airlines said in a communication to the passengers whose data got stolen.

This incident affected around 4,500,000 data subjects worldwide. Air India received the first notification in this regard on February 25. However, the company clarified that the identity of the affected users was only apparent to them on March 25 and April 5, respectively. "The present communication is an effort to apprise of accurate state of facts as on date and to supplement our general announcement of March 19, 2021, initially made via our website," said the statement.

The breach involved personal data of registered users between August 26, 2011, and February 3, 2021, with personal details like name, date of birth, contact information, passport information, ticket information, and frequent flyer data of Star Alliance and Air India, well as credit card details. However, the passwords of frequent travellers were not affected, according to the statement. The airline also reported that Air India data processors do not have credit card data such as CVV / CVC numbers.

The company is currently investigating the data security incident. It mentioned the exact nature of the attack. The airline is securing the compromised servers and hiring outside specialists for data security incidents. In addition, it indicated that the affected credit card issuers are being informed. Passwords for frequent flyer programs are also being reset.

While the airline has confirmed that it is taking corrective action, it also encourages passengers to change passwords where appropriate to ensure their data security.

"Further, our data processor has ensured that no abnormal activity was observed after securing the compromised servers. The protection of our customer's data is of the highest importance to us, and we deeply regret the inconvenience caused and appreciate continued support and trust of our passengers," said the airline.