10 years of passenger data registered with Air India (AI) has been hacked. The airliner said that around 4.5 million data subjects across the world have been affected.
The timespan of the breached data is between August 26, 2011 and February 3, 2021.
The breach occurred when the airliner’s data processor, SITA, was hacked.
What Is SITA And Were Other Airlines Affected?
SITA is a tech firm based in Switzerland which specialises in aviation communications and IT.
Its services include passenger processing, reservation systems and more.
AI partnered with SITA in 2017 to facilitate its joining with Star Alliance by upgrading its IT infrastructure.
SITA is however utilised by airliners other than AI including Lufthansa, Finnair, Malaysia Airlines, Jeju Air, Cathay Pacific, Air New Zealand, British Airways, Singapore Airlines, American Airlines and United.
All of these airlines have thereby also been affected by the data breach and they have notified their customers accordingly.
Details Of The Breach
Data illegally procured include name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data and credit cards data.
However, there were no passwords or CVV/CVC numbers of cards leaked.
AI said that they were notified of the news from SITA on 25 February,.2021 but the identities of those affected were revealed only on 25 March, 2021 and 5 April, 2021.
The statement by SITA on March 4 read, “SITA confirms that it was the victim of a cyber-attack, leading to a data security incident involving certain passenger data that was stored on SITA Passenger Service System (US) Inc servers”.
Cybersecurity professionals noted that the AI data was not yet spotted on sale on dark web forums.
They added that since passwords were not available as part of the breach, credit and debit card data would be sold instead.
There are other dire implications of this breach such as potential impersonation attacks utilising passport and contact data.
Air India Takes Corrective Steps
Miscreants could also gain illegal access to bank accounts.
AI has taken several steps to contain the breach after the incident such as bringing in external data security experts, informing those who issued the affected credit cards and securing the servers that were compromised.
It also reset the passwords of its frequent flyer program.
AI further assured its customers that their data has not been found to be misused and advised them to change their passwords “wherever applicable”.
They also consulted Indian and foreign regulatory agencies.
Actions Customers Should Take
Customers should be cautious of potential phishing attempts to break into someone’s account by means of malicious links sent through SMS or emails.
One should also beware of calls, emails, texts or Whatsapp messages from unknown senders.
This also includes individuals claiming to be representatives of AI, one’s bank or any other company they are a customer of, especially when they ask for account or card details.
Another scam to be aware of is perpetrated by individuals who show up to one’s home address pretending to deliver a package which requires cash payment then and there.