Hackers infiltrated the servers of the flag carrier airline of India, Air India Ltd., and gained access to the personal data of 4.5 million fliers, the airline informed on Saturday.
“As part of our commitment, we would like to inform you that SITA PSS, our data processor of the passenger service system, recently notified Air India of a data security breach involving personal data of certain passengers, including yours,” the airlines said in a communication to the passengers whose data got stolen, according to Hindustan Times.
In a note to fliers that were shared via Twitter, Air India said that personal data of passengers registered between August 26, 2011, and February 20, 2021, were compromised in the attack. The details included credit card and contact information and frequent flier data.
This new cyber breach raises fresh concerns for India after allegations earlier this year that Chinese intrusions may have affected operations at a key stock exchange and disrupted power supply in the country’s commercial hub, Mumbai. Cyber-attacks have become a growing threat in recent months with hacker groups targeting American government agencies and also research institutions in Japan.
In March, Air India had announced that it had been informed by its data processing company, SITA PSS, of a cyberattack in February, and it has taken several steps since including investigating the incident and securing the compromised servers.
“No abnormal activity was observed after securing the compromised servers,” the carrier’s notice said, according to Bloomberg. “We would also encourage passengers to change passwords wherever applicable to ensure safety of their personal data.”
Currently, the only international flights Air India is flying are special flights under the “Vande Bharat” mission as international travel remains suspended owing to the coronavirus disease (Covid-19) pandemic.