Hackers Break Into Airline Passenger System, Access Super-Sensitive Information

Air India has been the victim of a cybersecurity attack, with the company recently confirming in a notification to passengers that unknown individuals have accessed the data of 4.5 million customers.
Air India says it became aware of the hack in February 1 photo
Photo: Air India
What’s worse is that the exposed information includes super-sensitive details, such as name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data, as well as credit card data. No passwords have been compromised, and the CVV/CVC numbers are still safe, as they’re not stored anywhere.

Air India explains that the passenger service system that’s been compromised, which stores and processes the personal information of the airline’s customers, included data of people traveling with the company between August 26, 2011, and February 3, 2021.

The airline says it first became aware of the hack on February 25 this year, explaining that it could finally obtain all details about the attack following an investigation in March and April.

Air India adds in the notification to passengers that it continues to look into the security incident and working on securing the compromised servers while at the same time reaching out to external security experts for additional information on the matter. And of course, the company is also reaching out to all credit card issuers and resetting all passwords of the Air India FFP program.

Further, our data processor has ensured that no abnormal activity was observed after securing the compromised servers. While we and our data processor continue to take remedial actions including but not limited to the above, we would also encourage passengers to change passwords wherever applicable to ensure safety of their personal data,” it says.

No information has been provided regarding the hacking group that may have been involved in the attack. Still, it’s believed a state-sponsored group is responsible for compromising the server and stealing the personal data of 4.5 million passengers.
If you liked the article, please follow us:  Google News icon Google News Youtube Instagram X (Twitter)
About the author: Bogdan Popa
Bogdan Popa profile photo

Bogdan keeps an eye on how technology is taking over the car world. His long-term goals are buying an 18-wheeler because he needs more space for his kid’s toys, and convincing Google and Apple that Android Auto and CarPlay deserve at least as much attention as their phones.
Full profile


Would you like AUTOEVOLUTION to send you notifications?

You will only receive our top stories