Air India Data Breach: SITA Hack More Severe Than Initially Reported

Air India Data Breach Affects Millions of Passengers

Approximately three months following the initial report of a data security incident at SITA, a major air transport data company, the full extent of the compromise is still being determined.

Air India has recently announced that the personal information of roughly 4.5 million passengers was exposed as a result of the breach at SITA, which functions as a data processor for the Indian airline.

Details of the Compromised Data

According to Air India’s official statement (PDF), the stolen data encompassed a wide range of passenger details. This included names, credit card information, dates of birth, contact details, passport information, and ticket details.

Furthermore, data related to both Star Alliance and Air India frequent flyer programs was also affected. However, Air India clarified that CVV/CVC data associated with credit cards was not stored by SITA.

Timeline of the Data Exposure

The compromised data pertains to passengers who had registered with Air India over a ten-year period, spanning from August 26, 2011, to February 3, 2021.

This revelation surfaced several months after SITA initially acknowledged a data breach impacting passenger data. SITA had previously informed numerous airlines, including Malaysia Airlines, Finnair, Singapore Airlines, Jeju Air, Cathay Pacific, Air New Zealand, and Lufthansa, about the incident.

SITA’s Response and Ongoing Investigation

Headquartered in Geneva, Switzerland, SITA serves an estimated 90% of the world’s airlines. Initially, the company refrained from disclosing the specific data compromised, citing an ongoing investigation. This investigation is still currently in progress.

Air India stated that they were first alerted to the cyberattack by SITA on February 25th. However, the specifics regarding the nature of the compromised data were not provided until March 25th and April 5th.

Air India’s Actions Following the Breach

The airline, currently reliant on government funding, asserts that it has undertaken a thorough investigation of the security incident. They have also secured the affected servers and collaborated with external security specialists.

Additionally, Air India claims to have notified relevant credit card issuers and reset passwords for its frequent flyer program to enhance security.

Recent Increase in Data Breaches in India

Air India is not alone in experiencing a data breach. Several other Indian companies have recently disclosed similar incidents.

• MobiKwik, a major payments platform, reported investigating a potential breach exposing data from nearly 100 million users.
• Alleged records of approximately 20 million BigBasket customers were leaked on the dark web.
• A security flaw at Jio Platforms exposed coronavirus symptom checker results.
• West Bengal state and Dr Lal PathLabs also suffered data breaches.
• Spicejet, a competitor to Air India, confirmed a data breach last year.

These incidents highlight a growing trend of data security vulnerabilities within Indian organizations.