Air India Passengers Data, including Credit Card subjected to data breach
In a massive revelation, flag carrier airline of India, Air India announced that customer data have been leaked in February. The leaked data include credit cards, passports, and phone numbers of the passengers.
The official statement released by Air India says customer data of Ten years was subjected to leak in a major cyber-attack incident. Nearly 45 lakh customers were affected by the cyber-attack.
The passenger system operator SITA based out of Geneva was subjected to a cyber attack and the data include the names, date of birth, contact information, and ticket information was compromised. Apart from Air India, SITA serves as the data storer for Singapore Airlines, Lufthansa and United as well.
"SITA PSS our data processor of the passenger service system (which is responsible for storing and processing of personal information of the passengers) had recently been subjected to a cybersecurity attack leading to personal data leak of certain passengers. This incident affected around 4,500,000 data subjects in the world," Air India said.
"While we had received the first notification in this regard from our data processor on 25.02.2021, we would like to clarify that the identity of the affected data subjects was only provided to us by our data processor on 25.03.2021 and 5.04.2021," it added.
Going by the information shared by Air India, the data of passengers registered with the Air service between 26th August 2011 and 3rd February 2021 has been subjected to a data breach. However, the airlines said, the passwords of the passengers were not affected by the cyber attack.
The airlines had swung into action and called for an investigation in this regard and said it is looking at the steps like taking help from the data security experts so that the compromised servers can be secured.
The official statement released by Air India says customer data of Ten years was subjected to leak in a major cyber-attack incident. Nearly 45 lakh customers were affected by the cyber-attack.
The passenger system operator SITA based out of Geneva was subjected to a cyber attack and the data include the names, date of birth, contact information, and ticket information was compromised. Apart from Air India, SITA serves as the data storer for Singapore Airlines, Lufthansa and United as well.
"SITA PSS our data processor of the passenger service system (which is responsible for storing and processing of personal information of the passengers) had recently been subjected to a cybersecurity attack leading to personal data leak of certain passengers. This incident affected around 4,500,000 data subjects in the world," Air India said.
"While we had received the first notification in this regard from our data processor on 25.02.2021, we would like to clarify that the identity of the affected data subjects was only provided to us by our data processor on 25.03.2021 and 5.04.2021," it added.
Going by the information shared by Air India, the data of passengers registered with the Air service between 26th August 2011 and 3rd February 2021 has been subjected to a data breach. However, the airlines said, the passwords of the passengers were not affected by the cyber attack.
The airlines had swung into action and called for an investigation in this regard and said it is looking at the steps like taking help from the data security experts so that the compromised servers can be secured.