Data of 4.5m passengers leaked in Air India cyber-attack

4.5 million Air India passengers had their personal data leaked following a cyber-attack on the airline’s SITA PSS data processor.

Air India said that it was first aware of the breach back in February.

But the company claimed that its data processor for the passenger service system, which is responsible for storing and processing personal information, only identified those impacted in March and April.

The breach involved personal data registered between 26 August 2011 and 3 February 2021. The stolen details included name, date of birth, contact information, passport information, ticket information, and Star Alliance and Air India frequents data.

Credit card data was also leaked, but the airline assured customers that CVV/CVC numbers were not held by the data processor.

Air India said that following the breach it investigated the incident, secured compromised servers, engaged external specialists of data security incidents, notified and liased with credit card issues, and reset passwords of Air India FFP programme.

“The protection of our customers’ personal data is of highest importance to us and we deeply regret the inconvenience caused and appreciate continued support and trust of our passengers,” the company said in a statement.

    Share Story:

Recent Stories


Bringing Teams to the table – Adding value by integrating Microsoft Teams with business applications
A decade ago, the idea of digital collaboration started and ended with sending documents over email. Some organisations would have portals for sharing content or simplistic IM apps, but the ways that we communicated online were still largely primitive.

Automating CX: How are businesses using AI to meet customer expectations?
Virtual agents are set to supplant the traditional chatbot and their use cases are evolving at pace, with many organisations deploying new AI technologies to meet rising customer demand for self-service and real-time interactions.