Air India explains that the passenger service system that’s been compromised, which stores and processes the personal information of the airline’s customers, included data of people traveling with the company between August 26, 2011, and February 3, 2021.
The airline says it first became aware of the hack on February 25 this year, explaining that it could finally obtain all details about the attack following an investigation in March and April.
Air India adds in the notification to passengers that it continues to look into the security incident and working on securing the compromised servers while at the same time reaching out to external security experts for additional information on the matter. And of course, the company is also reaching out to all credit card issuers and resetting all passwords of the Air India FFP program.
“Further, our data processor has ensured that no abnormal activity was observed after securing the compromised servers. While we and our data processor continue to take remedial actions including but not limited to the above, we would also encourage passengers to change passwords wherever applicable to ensure safety of their personal data,” it says.
No information has been provided regarding the hacking group that may have been involved in the attack. Still, it’s believed a state-sponsored group is responsible for compromising the server and stealing the personal data of 4.5 million passengers.