It has only been three months since air transport data giant SITA reported a data breach, Air India servers also got hacked where the data of 45 lakh passengers were leaked.
Air India reported that the data processor of the passenger service system has recently been subjected to a cybersecurity attack leading to a personal data leak of 45 Lakh passengers. The hackers also breached credit card details, but the airline explained that the CVV/CVC numbers were not held by its data processor.
Air India admitted that the breach included personal data registered from 26th August 2011 to 20th February 2021. The cybercriminals hacked the date of birth, name, passport information, contact information, credit card data, Star Alliance, ticket information, and Air India frequent flyer data.
The company said that it is following measures to guarantee the safety of data and has started investigating the data security incident.
The identity of the affected data subjects was only offered to them by their data processor on March 25 and April 5 while they had received the first notification on February 2.
Air India is also trying to secure compromised servers, engaging external specialists to protect themselves from such incidents, notifying and contacting the credit card issuers, and resetting passwords of the Air India frequent flyer program.
Air India said that “While we and our data processor continue to take remedial actions. We would also encourage passengers to change passwords wherever applicable to ensure the safety of their personal data,”
How Could ESOF Have Prevented The Attack?
It is important to focus and act proactively on these kinds of attacks.
TAC Security’s ESOF VMP combines the widest view of vulnerability and risk data across the enterprise to create insightful cyber risk scores. The power of artificial intelligence and user-friendly analytics helps you measure, prioritize, and mitigate vulnerabilities across your entire IT stack.