A lot of data is been stolen from massive companies and now Air India an Airline company is amongst them. This was a massive data breach. Personal data of 45,00,000 people or 4.5 million people were leaked by hackers. The leaked data includes passenger’s basic details like name, date of birth, contact information, and confidential data like passport details, ticket details, and credit card data amid other leaked data.
“While we and our data processor continue to take remedial actions…We would also encourage passengers to change passwords wherever applicable to ensure safety of their personal data”
-Air India
This data leak was possible by a cyberattack on Air India’s passenger service system provider SITA. The leaked data includes people from other countries also. The good point over here is that the CVV/CVC numbers weren’t leaked as it wasn’t stored by SITA. The list of affected people was provided to Air India on March 25 and April 5 only by SITA.
“Air India would like to inform its valued customers that its passenger service system provider has informed about a sophisticated cyberattack it was subjected to in the last week of February 2021,”
-Air India
The airline company also requested its passengers to change passwords to eliminate risks due to the leaked data. The company is also reported to have increased its data security by the following steps.
- Secured the compromised servers
- Engaged external specialists of data security incidents
- Notified credit card issuers.
- Steps are taken to reset the Passwords of credit cards of Air India frequent flyer program.
“Air India meanwhile is in liaison with various regulatory agencies in India and abroad, and has apprised them about the incident in accordance with its obligations,”
-Air India
The company also stated that it had fallen prey to a sophisticated cyberattack.