Air India Says Personal Details of 4.5 Million Flyers Leaked in Cyberattack

Air India’s passenger service system supplier SITA confronted a complicated cyberattack in February this yr resulting in leak of non-public knowledge of 4.5 million passengers — which included passengers of the nationwide provider from internationally, an official assertion mentioned on Friday. Personal knowledge — together with title, date of beginning, contact data, passport data, ticket data and bank card knowledge – which was registered between August 11, 2011, and February 3, 2021, has been leaked of a sure variety of Air India’s passengers, the assertion issued by the airline mentioned.

“While we and our data processor continue to take remedial actions… We would also encourage passengers to change passwords wherever applicable to ensure safety of their personal data,” it said.

Data of 4.5 million passengers — which incorporates Air India’s passengers – internationally has been “affected” because of the cyberattack on SITA, the assertion mentioned.

SITA relies out of Geneva in Switzerland.

“goal=”_self” rel=”noopener”>Air India would like to inform its valued customers that its passenger service system provider has informed about a sophisticated cyber attack it was subjected to in the last week of February 2021,” the airline mentioned.

While the extent and scope of sophistication is being ascertained by way of forensic evaluation and the train is ongoing, SITA has confirmed that no unauthorised exercise has been detected contained in the system’s infrastructure after the incident, it added.

“Air India meanwhile is in liaison with various regulatory agencies in India and abroad, and has apprised them about the incident in accordance with its obligations,” the airline mentioned.

However, with respect to bank cards’ knowledge, CVV/CVC numbers aren’t held by SITA, the airline clarified.

It mentioned that the id of its affected passengers was supplied to it by SITA on March 25 and April 5 solely.

Air India together with the service supplier is finishing up threat evaluation and would additional replace as and when it turns into accessible, it mentioned.

The airline mentioned it has taken following steps after the info safety incident: Secured the compromised servers, engaged exterior specialists of knowledge safety incidents, notified and in speak with the bank card issuers and reset the passwords of Air India frequent flyer programme.