Cyber criminals reportedly attacked Air India’s servers and accessed the airline’s passenger service system, including information related to passengers’ credit card and passport details.
News18 reported that the massive Air India data breach, involved personal data registered between August 26, 2011 and February 3, 2021.
ANI said in a tweet that details including name, date of birth, contact info, passport information, ticket info, Star Alliance and Air India frequent flyer data were accessed, but no password data was affected.According to an official statement, Air India’s passenger service system, which is provided by SITA, faced the sophisticated cyberattack in February thi year leading to leak of personal data of certain number of the national carrier’s flyers.
The news agency added that the incident had affected around “4,500,000 data subjects across the world”. Air India told ANI, “In respect of credit cards data, CVV/CVC numbers are not held by our data processor. Further, our data processor has ensured that no abnormal activity was observed after securing the compromised servers.”
The carrier added, “Following measures to ensure safety of data immediately taken-investigating data security incident, securing compromised servers, engaging external specialists of data security incidents, notifying and liaising with credit card issuers, resetting passwords of Air India FFP prog.”
Personal data — including name, date of birth, contact information, passport information, ticket information and credit card data — which was registered between August 11, 2011, and February 3, 2021, has been leaked of a certain number of Air India’s passengers, the statement issued by the airline said.
“While we and our data processor continue to take remedial actions…We would also encourage passengers to change passwords wherever applicable to ensure safety of their personal data,” it said. Data of 4.5 million passengers — which includes Air India’s passengers — across the world has been “affected” due to the cyberattack on SITA, the statement said.
SITA is based out of Geneva in Switzerland. “Air India would like to inform its valued customers that its passenger service system provider has informed about a sophisticated cyber attack it was subjected to in the last week of February 2021,” the airline said.
While the level and scope of sophistication is being ascertained through forensic analysis and the exercise is ongoing, SITA has confirmed that no unauthorised activity has been detected inside the system’s infrastructure after the incident, it added. “Air India meanwhile is in liaison with various regulatory agencies in India and abroad, and has apprised them about the incident in accordance with its obligations,” the airline said.
Air India along with the service provider is carrying out risk assessment and would further update as and when it becomes available, it said. The airline said it has taken following steps after the data security incident: Secured the compromised servers, engaged external specialists of data security incidents, notified and in talk with the credit card issuers and reset the passwords of Air India frequent flyer programme.
Recently, US fuel supplier Colonial Pipeline had paid $5 million in ransom to hackers. Colonial Pipeline, which operates the largest fuel network in the US, announced on May 7 about the ransomware attack.
The company had closed over 5,000 miles (8,046 km) of pipeline that carried 100 million gallons (37,85,41,178 litres) petrol, jet fuel, and kerosene from Texas to the New York area as a preventive measure, which led to severe fuel shortages and a sharp increase in the price of fuel across the US, especially in the East Coast.