Air India: At least 4.5 million people's data exposed following IT system hack | Science & Tech News | Sky News
Air India: At least 4.5 million people's data exposed following IT system hack
A company called SITA operated the breached system and revealed the hack in February, but not the scale or who was affected.
Monday 24 May 2021 06:28, UK
CYBERATTACKS
Air India has revealed some 4.5 million people's data was exposed
Image:
Air India has revealed some 4.5 million people's data was exposed
Why you can trust Sky News
At least 4.5 million people had their personal data exposed after an IT system used by Air India was subjected to a "sophisticated cyber attack".
The airline was first notified of the breach in February, but only disclosed its involvement in the past week.
Details including names, passport information and payment details stretching back 10 years were accessed by the cybercriminals.
Other Star Alliance members have been affected
Image:
Other Star Alliance members have been affected
However, CVV/CVC numbers and passwords were not accessed, according to a statement.
The compromised software was operated by SITA Passenger Service System according to Air India.
SITA put out a statement acknowledging the hack at the beginning of March, but did not specify how many people were affected or which airlines had fallen prey.
Other major carriers were also affected, including Star Alliance members Singapore Airlines, New Zealand Air and Lufthansa.
More on Cyberattacks
Cyber attack on US government: Biden accused Trump of failing on security
Cyber space will become 'most contested domain', warns UK security chief
Coronavirus: Cyber Security Centre handled record number of incidents over past year
Unit 74455: Russian hackers wanted by the FBI
Coronavirus: Criminals exploiting COVID-19 pandemic with email scams
Coronavirus: Cybercriminals target healthcare workers with email scam
Air India said that the incident "affected around 4,500,000 data subjects in the world" but did not specify how many were their customers.
The hackers managed to get their hands on data from 26 August 2011 to 3 February 2021.
The airline's statement said: "Air India would like to inform its valued customers that its Passenger Service System (PSS) provider has informed about a sophisticated cyber attack it was subjected to in the last week of February 2021.
"While the level and scope of sophistication is being ascertained through forensic analysis and the exercise is ongoing, the service provider has confirmed that post incident, no unauthorised activity inside the PSS infrastructure has been detected."
A second press release added that, after the notification of the hack, the steps taken included: "Investigating the data security incident, securing the compromised servers, engaging external specialists of data security incidents, notifying and liaising with the credit card issuers and resetting passwords of Air India Frequent Flyer Program."
It added: "Further, our data processor has ensured that no abnormal activity was observed after securing the compromised servers.
"While we and our data processor continue to take remedial actions including but not limited to the above, we would also encourage passengers to change passwords wherever applicable to ensure safety of their personal data."
A company called SITA operated the breached system and revealed the hack in February, but not the scale or who was affected.
Monday 24 May 2021 06:28, UK
CYBERATTACKS
Air India has revealed some 4.5 million people's data was exposed
Image:
Air India has revealed some 4.5 million people's data was exposed
Why you can trust Sky News
At least 4.5 million people had their personal data exposed after an IT system used by Air India was subjected to a "sophisticated cyber attack".
The airline was first notified of the breach in February, but only disclosed its involvement in the past week.
Details including names, passport information and payment details stretching back 10 years were accessed by the cybercriminals.
Other Star Alliance members have been affected
Image:
Other Star Alliance members have been affected
However, CVV/CVC numbers and passwords were not accessed, according to a statement.
The compromised software was operated by SITA Passenger Service System according to Air India.
SITA put out a statement acknowledging the hack at the beginning of March, but did not specify how many people were affected or which airlines had fallen prey.
Other major carriers were also affected, including Star Alliance members Singapore Airlines, New Zealand Air and Lufthansa.
More on Cyberattacks
Cyber attack on US government: Biden accused Trump of failing on security
Cyber space will become 'most contested domain', warns UK security chief
Coronavirus: Cyber Security Centre handled record number of incidents over past year
Unit 74455: Russian hackers wanted by the FBI
Coronavirus: Criminals exploiting COVID-19 pandemic with email scams
Coronavirus: Cybercriminals target healthcare workers with email scam
Air India said that the incident "affected around 4,500,000 data subjects in the world" but did not specify how many were their customers.
The hackers managed to get their hands on data from 26 August 2011 to 3 February 2021.
The airline's statement said: "Air India would like to inform its valued customers that its Passenger Service System (PSS) provider has informed about a sophisticated cyber attack it was subjected to in the last week of February 2021.
"While the level and scope of sophistication is being ascertained through forensic analysis and the exercise is ongoing, the service provider has confirmed that post incident, no unauthorised activity inside the PSS infrastructure has been detected."
A second press release added that, after the notification of the hack, the steps taken included: "Investigating the data security incident, securing the compromised servers, engaging external specialists of data security incidents, notifying and liaising with the credit card issuers and resetting passwords of Air India Frequent Flyer Program."
It added: "Further, our data processor has ensured that no abnormal activity was observed after securing the compromised servers.
"While we and our data processor continue to take remedial actions including but not limited to the above, we would also encourage passengers to change passwords wherever applicable to ensure safety of their personal data."