Air India

India’s government Air carrier, Air India, has met with a major data breach.

The data breach was acknowledged on 25th March, 2021, as they were notified by their data provider.

A new update to the attack has been added today on Air India’s official website, with users getting SMS and email regarding the same.

What’s impacted?

SITA PSS, the system responsible for storing and processing the personal information of the passengers. The official statement says that over 4,50,000 users around the world.

Air India has confirmed the leak of personal details including name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data credit card details(except for CVV/CVC that were not held by either the Airline or the data carrier itself.)

As mentioned on the notification, issued on their website:

The breach involved personal data registered between 26th August 2011 and 3rd February 2021, with details that included name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data (but no passwords data were affected) as well as credit cards data. However, in respect of this last type of data, CVV/CVC numbers are not held by our data processor.

This comes as no surprise as the airline’s official website lacks the proper implementation of basic SSL standard on their website.

Air India Site

It tells a lot about their emphasis on the privacy of its customers.

Social Media Furore

 

THE STORY IS DEVELOPING. MORE INFORMATION IS BEING ADDED IN REALTIME.