Passenger data from Air India was stolen over a ten-year span during SITA’s February cyberattack.
Air India has revealed that the incident resulted in the data of about 4.5 million of its passengers being taken, three months after global aviation industry IT provider SITA was victimised by a cyber attack.
Air India announced in a statement [PDF] that the data breach spanned over ten years, from August 26, 2011, to February 3, 2021. Name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data, and credit card data were among the data stolen.
However, no frequent flyer passwords or CVV/CVC data were obtained because SITA did not have this information.
The data processor for Air India’s passenger service system is SITA, an information technology and communications corporation.
While the SITA cyber assault was originally noticed at the end of February, Air India only realised the full extent of the attack last month. Since then, Air India has been conducting investigations, protecting compromised servers, consulting external specialists, notifying and coordinating with credit card issuers, and resetting Air India FFP programme passwords, according to the company.
SITA said Star Alliance and One World airlines were affected when the cyber assault was revealed. Finnair, Japan Airlines, Jeju Air, Lufthansa, Malaysia Airlines, Air New Zealand, Cathay Pacific, and Singapore Airlines were among the airlines involved, in addition to Air India.
Singapore Airlines revealed in March that a cyber assault had compromised 580,000 of its frequent flyer members.
SITA claims to serve 90 percent of the world’s airlines, with a total of 2,800 customers including airlines, airports, and government institutions.
After Sabre’s global IT breakdown over the weekend, a number of airlines were forced to cancel or delay flights. Among the airlines affected were Virgin Australia, American Airlines, and Alaska Airlines.
Dell EMC, Sabre’s hardware vendor, was blamed for the downtime.
Sabre told ZDNet that “Dell/EMC acknowledged it encountered a hardware redundancy failure that impacted Sabre’s system, including PSS and check-in.” “The problem has been fixed. Dell/EMC is investigating the cause of the failure.”
Diginews.live is now on Telegram. Join Diginews channel in your Telegram and stay updated with latest news
The original article was published here