What Happened?

Air India disclosed a data breach when personal information of around 4.5 million of its customers was leaked following the hack of Passenger Service System provider SITA  (Société Internationale de Télécommunications Aéronautiques) in February 2021. SITA is a travel technology company that is one of the most prominent suppliers of airline software, such as passenger service systems and so on. The company supplies software systems to hundreds of airlines across the world.

The breach impacted the data of passengers registered between August 2011 and February 2021.The data includes details such as name, date of birth, contact information, passport information, ticket information, Star Alliance, and Air India frequent flyer data. However, after investigating the security incident, it was found that no credit card information or password data was accessed during the breach.

 

Cause of the Breach:

The Indian national carrier informed passengers in a breach notification that its data processor, SITA, was the victim of a cyber-attack in the last week of February. This incident affected around 4,500,000 records in the world.

Air India has also notified its customers about the data breach through e-mail. The snapshot of the e-mail is attached below.

 

Many other air carriers besides Air India informed passengers that some of their data was accessed due to the breach of SITA’s Passenger Service System (PSS), which handles transactions from ticket reservations to boarding.

SITA also confirmed the breach saying that it reached out to affected PSS customers and all related organizations in early March.

Impact

The data breach exposes highly sensitive data. Having such sensitive financial data in the public domain would make it incredibly easy to trick, defraud, and steal from the people exposed.

 

 

Recommendations:

• As a precaution, Air India urges its passengers to change their credentials to block potential breach attempts and ensure their data security.
• Users, whose data was leaked due to this data breach, must take necessary actions as their data could be abused by attackers to take over user accounts and perform fraudulent transactions.
• Users of online payment apps must take precautions to secure their accounts by using recommended security measures such as strong, unique passwords, and two-factor authentication (2FA) methods
• Users should also be wary of targeted phishing emails that pretend to be from Air India and utilize the information stored in this database.