The national carrier of India, Air India reported a massive data breach yesterday that has compromised the personal information of some 45 lakh passengers across the world. As per the statement released by the airline, “The SITA PSS, the data processor of the passenger service system (which is responsible for storing and processing of personal information of the passengers) had recently been subjected to a cyber security attack leading to personal data leak of certain passengers.”
Air India requested the passengers in a statement stating, “while we and our data processor continue to take remedial actions…We would also encourage passengers to change passwords wherever applicable to ensure safety of their personal data.” The airline however made it clear that credit card data like CVV/CVC numbers are not held by Air India data processors.
The leak has affected the passengers who have registered their information with the carrier stretching from August 2011 to February 2021. The details and information that has got leaked include- name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data (but no passwords data were affected) as well as credit cards data.
The global carrier added, “the company had received the first notification of the breach on February 25th this year and between March 25th to April 5th, they were provided with the information of the affected subjects. The present communication is an effort to apprise of the accurate state of facts as in date and to supplement our general announcement of 19th March 2021 initially made via our website.”
The company meanwhile is carrying out the risk assessment, which shall be made known once it is completed. The company is also engaging external specialists to look into the breach. It has also proclaimed to have secured the vulnerable servers and discussed the gravity of the issue with the credit card issuers.
“The protection of our customers’ personal data is of highest importance to us, and we deeply regret the inconvenience caused and appreciate continued support and trust of our passengers”, added the company in its statement.
Shocking is the data shared by the state-owned Indian Computer Emergency Response Team (CERT-In), which specifies that over 26,100 Indian websites were hacked in 2020. 110 Indian Ministry websites, 54 Departmental websites and 59 State Government websites were among the list.
On the other hand, 17,560 websites were hacked in 2018 and 24,768 were hacked in 2019. Post coming face-to-face with the continuous incidence of such actions on a humungous scale, it has become pertinent that the cybersecurity laws prevalent in the country truly require strengthening.
Air India is India’s national airline providing domestic and international air operations. Launched on October 15, 1932, the carrier has successfully become a well-known international airline connecting to over 40 destinations in the USA, Europe, Australia, Far-East and South-East Asia and the Gulf. Likewise, its domestic network is very strong as well.