Air India disclosed a data breach when personal information of around 4.5 million of its customers was leaked following the hack of Passenger Service System provider SITA in February 2021.
The Indian national carrier informed passengers in a breach notification that its data processor, SITA, was the victim of a cyberattack in the last week of February. This incident affected around 4,500,000 data subjects in the world.
The breach impacted the data of passengers registered between August 2011 and February 2021.
The data includes details such as name, date of birth, contact information, passport information, ticket information, Star Alliance, and Air India frequent flyer data. However, after investigating the security incident, it was found that no credit card information or password data was accessed during the breach.
As a precaution, Air India urges its passengers to change their credentials to block potential breach attempts and ensure their data security.
Many other air carriers besides Air India informed passengers that some of their data was accessed due to the breach of SITA’s Passenger Service System (PSS), which handles transactions from ticket reservations to boarding.
SITA also confirmed the breach saying that it reached out to affected PSS customers and all related organizations in early March.