Cyber Attack In Air India "This incident affected around 4,500,000 data subjects in the world "

Cyber Attack In Air India "This incident affected around 4,500,000 data subjects in the world "

Ten years' worth of Air India customer data details such as credit cards, passports and phone numbers have been leaked in a big  cyber-attack on its data processor in the month of February, the airline has disclosed this information.

The hack has affected nearly 45 lakh passengers who registered between the 26th August 2011 and 3rd February 2021, Air India stayed that and disclosing the parameter of the breach nearly three months after it was first informed of it. Information like Names, date of birth, contact information and ticket information have also been stolen in the 'highly sophisticated' attack that targeted the Geneva-based customers system operator SITA that serves the Star Alliance of airlines such as Singapore Airlines, Lufthansa and United besides Air India as well.

Air India stated that "While we had received the first notification in this regard from our data processor on 25.02.2021, we would like to clarify that the identity of the affected data subjects was only provided to us by our data processor on 25.03.2021 and 5.04.2021," in an E-mail to customers. The Company also stated that, it had launched an investigation into the incident and took steps which was  securing the compromised servers, engaging external specialists of data security incidents, contacting credit card issuers and resetting passwords of its frequent flyer programme to get information as soon as possible.

SITA had publicly disclosed that the incident happened first in March prompting almost a dozen of different airlines including Singapore Airlines and Malaysia Airlines to inform customers that some of their data was accessed by an intruder. In 2020, The British Airways incurred a 20 million-pound (over Rs 180 crore) charged fine after failing to protect data that left more than 4 lakh of its passengers' details the matter of a massive cyber-attack which was in 2018.