Air India’s website had faced a major cyber security attacks where passenger service system has been hacked and exposed the personal information of lakhs of passengers, including their credit card and passport details etc. as reported by the company on Friday.
The personal data registered with the airline between 26th August, 2011 and 3rd February, 2021, with details that included name, date of birth, contact information, passport information, ticket information as well as credit card data were breached. According to Air India, The SITA PSS of Air India’s data processor of the passenger service system (which is responsible for storing and processing of personal information of the passengers) has been breached leading to exposure of personal data.
However, the airline clarified that CVV/CVC data of the credit card holders were not stored in their data. The incident has reportedly affected around 45 lakh data subjects across the globe.
The national carrier received the first information regarding the data breach on February 25, and the identity of the affected data subjects was received on March 25 and April 5.