India’s government-owned Airline company Air India has confirmed that 10 years of customer data leaked after its passenger service system provider SITA faced a cyber attack in February.
The leaked data contains personal data including name, date of birth, contact information, passport information, ticket information, and credit card data of passengers. The airline also admitted that details of credit cards have been breached but it doesn’t store CVV/CVC numbers.
Around 4.5 million passengers of Air India who registered between August 11, 2011, and February 3, 2021 are affected. The company recommends users to change the password.
“While we and our data processor continue to take remedial actions. We would also encourage passengers to change passwords wherever applicable to ensure the safety of their personal data,” Air India said in a statement.
Air India has also confirmed that the company has initiated an investigation into the incident will work further on securing the compromised servers and boosting the security of its tech infrastcuture.
SITA is a Switzerland-based company that also serves several other airlines including Singapore Airlines, Lufthansa, and United besides Air India. The company has notified all airlines that use its passenger service system.