Skip to content

Air India cyberattack affected 10 years worth of data of 4.5 million users

  • by
  • 2 min read

Air India’s database breach from February 2021 compromised the data of 4.5 million customers, including the name, date of birth, contact, credit card information, passport, ticket, Star Alliance and Air India frequent flyer data.

According to Air India’s update from May 15, 2021, its data processor SITA PSS informed the airline about the breach on February 25 and provided further details about data leaked on March 25 and April 5. The airlines maintain that no passwords were leaked, and the data processor doesn’t store card CVV or CVC numbers.

As per Air India’s findings, the data leaked in the breach was registered between August 26, 2011, and February 3, 2021.

“SITA PSS, our data processor of the passenger service system (which is responsible for storing and processing of personal information of the passengers), had recently been subjected to a cybersecurity attack leading to personal data leak of certain passengers. This incident affected around 4,500,000 data subjects in the world,” Air India said in the breach notification last week.

India’s erstwhile premium international airlines say that they’ve secured the compromised servers, have notified the credit card issuers and reset passwords of their FFP program after losing almost 10 years worth of data collected from millions of people.

In a statement on March 19, 2021, Air India said, “Air India would like to inform its valued customers that its Passenger Service System provider has informed about a sophisticated cyber attack it was subjected to in the last week of February 2021. While the level and scope of sophistication is being ascertained through forensic analysis and the exercise is ongoing, the service provider has confirmed that post incident , no unauthorized activity inside the PSS infrastructure has been detected. Air India meanwhile is in liaison with various regulatory agencies in India and abroad, and has apprised them about the incident in accordance with its obligations.”

In the News: Spotify is bringing offline playback to Apple Watch



Writes news mostly and edits almost everything at Candid.Technology. He loves taking trips on his bikes or chugging beers as Manchester United battle rivals. Contact Prayank via email: