Air India data breach: Personal info of 45 lakh people leaked due to ‘sophisticated cyberattack’


A massive violation of Air India’s server This February resulted in the personal data of nearly 45,000,000 people being compromised worldwide. The leaked data was collected between August 26, 2011 and February 3, 2021.

This included, among other things, the personal data of persons such as name, date of birth, contact information, passport information, ticket data, credit card data.

The massive data leak was caused by a “sophisticated cyber attack” on Air India’s passenger service provider SITA.

“As we and our data processor continue to take remedial action … we would also like to encourage passengers to change passwords to keep their personal information safe,” said a statement from Air India.

ALSO READ | Air India servers hacked, credit card details stolen from leaflets: What we know so far

It added that data on 4.5 million passengers – including Air India passengers – worldwide has been “affected” as a result of the cyberattack on SITA. SITA is based in Geneva, Switzerland.

“Air India would like to inform its valued customers that its passenger services system provider was informed of a sophisticated cyberattack in the last week of February 2021,” the airline said in its statement.

It added that SITA has confirmed that no unauthorized activity was detected in the system infrastructure after the incident, while the level and scope of complexity is being determined through forensic analysis and the exercise is still ongoing.

“Air India is now in contact with various regulators in India and abroad and has informed them of the incident in accordance with their obligations,” the airline said.

ALSO READ | Mobikwik data breach is said to be the biggest KYC leak, personal data of 3.5 million users is for sale on the dark web

Regarding the credit card details, Air India clarified that CVV / CVC numbers are not held by SITA.

The identity of the passengers concerned was only communicated to her by SITA on March 25 and April 5.

Air India is carrying out a risk assessment together with the service provider and will continue to update it as soon as it becomes available.

The airline said it took the following steps after the data security incident: securing the compromised servers, hiring external specialists for data security incidents, notifying and talking to the credit card issuers, and resetting the Air India frequent flyer program passwords.

ALSO READ | The Facebook data leak contained personal data from 6 million users in India


Post a Comment

और नया पुराने