Hackers compromised the systems of the Indian national carrier Air India and got access to personal data of 4.5 million passengers.
According to Air India, the breach occurred after Passenger Service System provider SITA, which is a data processor of the passenger service system (which is responsible for storing and processing of personal information of the passengers) was hacked in February 2021.
Personal information of passengers registered between August 2011 and February 2021 was compromised in the attack, the carrier said in a data breach notification. While the intruders didn’t obtain passwords, they were able to get access to such information as name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data, as well as credit cards data (although the CVV/CVC numbers weren't included).
The national carrier said it was first informed of the incident on February 25th, but that it only learned the identities of affected passengers on March 25th and May 4th. The company was already investigating the breach and had locked down the affected servers, including resetting passwords for its frequent flyer program.
In early March, SITA released a statement confirming the cyberattack. According to a SITA spokesperson, the incident impacted data of passengers of numerous airlines, including Lufthansa, Air New Zealand, Singapore Airlines, SAS, Cathay Pacific, Jeju Air, Malaysia Airlines, Finnair.