Air India has admitted that it was one of the victims of the sophisticated cyber attack that targeted passenger service system SITA in February. According to an article published by Tribune India, personal data of around 4.5 Million users got leaked in this data leak. It also includes data of a certain number of Air India passengers registered between 11th August 2011 and 3rd February 2021.
This personal data includes their name, date of birth, contact information, passport information, ticket details, and credit card data. However, the airline has reaffirmed that no leakage of any passwords has been observed.
“While we and our data processor continue to take remedial actions…We would also encourage passengers to change passwords wherever applicable to ensure the safety of their personal data,” the statement issued by the airline said.
The statement has also reassured that while the investigation into this data leak matter is still an ongoing process, the overall level of sophistication of this attack is being ascertained by forensic teams. Along with this, SITA has confirmed that there has been no unauthorized activity in the system’s infrastructure after the incident.
Take a Moment to Stay Tuned Forever
Subscribe to get weekly cyber security updates!
Other Airlines are also Affected
SITA serves the Star Alliance of airlines including Singapore Airlines, Lufthansa, and United. It is noteworthy that SITA’s PSS (Passenger Service System) is used by around 90% of airlines worldwide for processing passenger data. Initially, in March, Singapore Airlines had reported that the data breach must have impacted 5,80,000 of its customers, indicating that the number could go up to millions worldwide.
According to PTI, Air India has said it has taken the following steps after the cyber incident:
1) Secured the compromised servers
2) Engaged external data security incident specialists
3) Notified the credit card issuers and is talking to them
4) Reset the passwords of the Air India frequent flyer program
Turn Your Employees Into A Cyber Threat Shield
Make your employees proactive against prevailing cyber attacks with ThreatCop!