Estimated reading time: 1 minute, 38 seconds

Air India Data Breach Shows Wide Reach of February Hack  

On February 24, global air transport data behemoth SITA confirmed a data breach involving passenger data. A number of airlines, including American and United, warned their travelers that frequent flier information may have been affected.

plane 841441 640smallNow, three months later, the full extent of the damage is still coming into view. As TechCrunch reports, Air India revealed this week that the incident at SITA exposed the personal information of about 4.5 million passengers.

According to a statement by the Indian flag carrier airline, the breach of its data processor exposed passengers’ names, birthdates, credit card information, contact details, passport data and more.

While Air India noted that SITA did not have the CVV/CVC numbers from credit cards, the airline also called on travelers to update their passwords “wherever applicable to ensure safety of their personal data.”

Customers who registered with Air India between August 26, 2011 and February 3, 2021 were affected, according to the airline.

SITA is based in Geneva, Switzerland, and is thought to work with 90% of global carriers. The company initially said it had contacted Malaysia Airlines, Finnair, Singapore Airlines, Jeju Air, Cathay Pacific, Air New Zealand, and Lufthansa about the hack. SITA said in early March that it couldn’t share specific information exposed in the hack due to an ongoing investigation.

As Engadget reports, Air India said that while it learned of the breach on February 25 and published an alert on March 19, it didn’t find out the names of the passengers touched by the incident until March 25 and May 4. The identity of who was behind the breach is still unclear.

A 2018 data breach of another airline, Cathay Pacific, affected as many as 9.4 million travelers.

As Insurance Journal notes, Air India is also in the midst of a legal fight with British firm Cairn Energy, which was awarded a $1.2 billion arbitration award in December.

Another recent airline data breach hit easyJet, which disclosed in 2020 that about 9 million customers had their email and travel details accessed in a cyber attack.

Read 1788 times
Rate this item
(0 votes)

Visit other PMG Sites:

PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.