Share this article on:
Over 4 million Air India customers’ personal information has been compromised after its Passenger Service System (PSS) provider was hacked in late February.
The data affected was stored in SITA's PSS servers and included sensitive, personal information like names, birthdates, contact information, credit card data and passport details from 4.5 million data subjects globally.
The airline has confirmed that sensitive information like credit card CVV/CVC numbers were not affected because "the data processor does not handle them".
Air India launched an investigation immediately after discovering the data breach on 25 February 2021 and has secured all compromised servers. Identities of the travellers most impacted by the personal data leak were pinpointed between 25 March and 5 April 2021.
A spokesperson from Air India maintains that the airline has continued to bolster remedial actions months following the data security attack, but the airline has still strongly recommended for customers to change their passwords in order to "ensure the safety of their personal data".
“The protection of our customers’ personal data is of highest importance to us and we deeply regret the inconvenience caused and appreciate continued support and trust of our passengers,” the Air India spokesperson said.
[Related: UK pledges international cyber security funding]
Nastasha is a Journalist at Momentum Media, she reports extensively across veterans affairs, cyber security and geopolitics in the Indo-Pacific. She is a co-author of a book titled The Stories Women Journalists Tell, published by Penguin Random House. Previously, she was a Content Producer at Verizon Media, a Digital Producer for Yahoo! and Channel 7, a Digital Journalist at Sky News Australia, as well as a Website Manager and Digital Producer at SBS Australia. Nastasha started her career in media as a Video Producer and Digital News Presenter at News Corp Australia.