Air India limited, said there was a data breach which affected over 4.5 million of its customers over a period of 10 years after its Passenger Service System (PSS) provider SITA were hacked by cyber criminals.
Air India said the data that was stolen by the hackers involves personal data between Aug. 26, 2011 and Feb. 3, 2021 nearly 10 years, including details of customers such as names, contact information, passport information, dates of birth, contact information, ticket information, Star Alliance, and Air India frequent flyer data as well as credit card information.
Air India said neither Card Verification Value/ Card Verification Code, numbers associated with customers credit cards and passwords are not part of the data stolen by the hackers.
SITA PSS is used by many airline carriers across the globe for processing airline passenger data as part of their frequent flyer programs.
SITA is the world’s leading specialist in air transport communications and information technology.
Air India now has been part of the airlines which has experience cyber attack which includes: American Airlines, Malaysia Airlines, South Korea’s Jeju Air, Lufthansa, Air New Zealand, Singapore Airlines, Scandinavian Airlines, Cathay Pacific, Finnair, and United Airlines.
Cyber Crimials has bypass the security of these most trusted airline to steal their data.
Air India said they have engaged external specialists and that it notified credit card issuers of the issue, besides resetting passwords of its frequent flyer program.
Air India also said customers should change their credit card password.
According to DarkTracer, the information stolen from Air India following the SITA PSS server get hacked by cyber criminals is now being allegedly sold on the dark web for $3,000.
