In what marks one of the most critical cyberattack incidents in India, flag carrier airline Air India, has reported a massive data breach attack that compromised over 4.5 million users.

Air India SITA PSS server hacked:

Reporting the incident via a tweet, Air India stated that its SITA PSS server was the victim of the data breach.

SITA is a Geneva-based multinational information technology company providing IT and telecommunication services to the air transport industry. The company provides its services to around 400 members and 2,800 customers worldwide, which it claims is about 90% of the world’s airline business.

One of SITA’s customers is Air India and the server is responsible for storing and processing the personal information of fliers.

As was reported by the airline company, the passenger system operator of the Air India SITA PSS server faced a data breach. 

Reportedly, data of customers of other global airlines such as Malaysia Airlines, Finnair, Singapore Airlines, Lufthansa, and Cathay Pacific has also been stolen in the cybersecurity attack. 

Massive user data compromised:

Detailing the impact of the data breach, it was provided that the data of fliers who traveled between August 26, 2011, to February 20, 2021, was accessed, thus giving the timeline of massive data that was accessed.

Personal details of Air India flyers such as name, date of birth, and contact information along with financial details like credit card number were reportedly compromised in the cybersecurity attack. 

Other data such as Passport details, ticket information, Star Alliance, and their frequent flyer data were also been breached on the cyberattack.

However, the airline’s company has affirmed that no data regarding CVV or CVS number was compromised since they are not stored in the impacted servers.

Air India has provided that the impacted customers are being contacted via email, which details the data breach attack.

To mitigate any current or future threats posed by the attack, Air India has recommended that users also update their details and passwords.

Initiating vital investigation:

As for the data breach attack, an investigation has been reportedly initiated by the airline organization in coordination with proper cybersecurity authorities.

Since the investigations are still underway, details regarding the perpetrators of the data breach attack, or the impact of the attacks have not been disclosed.

Air India is currently engaging with external cybersecurity experts to secure its servers. It is also contacting credit card issuers along with resetting the passwords of customers of its frequent flyer program.