London Daily

Focus on the big picture.
Saturday, May 31, 2025

Air India: At least 4.5 million people's data exposed following IT system hack

Air India: At least 4.5 million people's data exposed following IT system hack

A company called SITA operated the breached system and revealed the hack in February, but not the scale or who was affected.

At least 4.5 million people had their personal data exposed after an IT system used by Air India was subjected to a "sophisticated cyber attack".

The airline was first notified of the breach in February, but only disclosed its involvement in the past week.

Details including names, passport information and payment details stretching back 10 years were accessed by the cybercriminals.

Other Star Alliance members have been affected


However, CVV/CVC numbers and passwords were not accessed, according to a statement.

The compromised software was operated by SITA Passenger Service System according to Air India.

SITA put out a statement acknowledging the hack at the beginning of March, but did not specify how many people were affected or which airlines had fallen prey.

Other major carriers were also affected, including Star Alliance members Singapore Airlines, New Zealand Air and Lufthansa.

Air India said that the incident "affected around 4,500,000 data subjects in the world" but did not specify how many were their customers.

The hackers managed to get their hands on data from 26 August 2011 to 3 February 2021.

The airline's statement said: "Air India would like to inform its valued customers that its Passenger Service System (PSS) provider has informed about a sophisticated cyber attack it was subjected to in the last week of February 2021.

"While the level and scope of sophistication is being ascertained through forensic analysis and the exercise is ongoing, the service provider has confirmed that post incident, no unauthorised activity inside the PSS infrastructure has been detected."

A second press release added that, after the notification of the hack, the steps taken included: "Investigating the data security incident, securing the compromised servers, engaging external specialists of data security incidents, notifying and liaising with the credit card issuers and resetting passwords of Air India Frequent Flyer Program."

It added: "Further, our data processor has ensured that no abnormal activity was observed after securing the compromised servers.

"While we and our data processor continue to take remedial actions including but not limited to the above, we would also encourage passengers to change passwords wherever applicable to ensure safety of their personal data."

Newsletter

Related Articles

0:00
0:00
Close
Satirical Sketch Sparks Political Spouse Feud in South Korea
Indonesia Quarry Collapse Leaves Multiple Dead and Missing
South Korean Election Video Pulled Amid Misogyny Outcry
Asian Economies Shift Away from US Dollar Amid Trade Tensions
Netflix Investigates Allegations of On-Set Mistreatment in K-Drama Production
US Defence Chief Reaffirms Strong Ties with Singapore Amid Regional Tensions
Vietnam Faces Strategic Dilemma Over China's Mekong River Projects
Malaysia's First AI Preacher Sparks Debate on Islamic Principles
White House Press Secretary Criticizes Harvard Funding, Advocates for Vocational Training
France to Implement Nationwide Smoking Ban in Outdoor Spaces Frequented by Children
Meta and Anduril Collaborate on AI-Driven Military Augmented Reality Systems
Russia's Fossil Fuel Revenues Approach €900 Billion Since Ukraine Invasion
U.S. Justice Department Reduces American Bar Association's Role in Judicial Nominations
U.S. Department of Energy Unveils 'Doudna' Supercomputer to Advance AI Research
U.S. SEC Dismisses Lawsuit Against Binance Amid Regulatory Shift
Alcohol Industry Faces Increased Scrutiny Amid Health Concerns
Italy Faces Population Decline Amid Youth Emigration
U.S. Goods Imports Plunge Nearly 20% Amid Tariff Disruptions
OpenAI Faces Competition from Cheaper AI Rivals
Foreign Tax Provision in U.S. Budget Bill Alarms Investors
Trump Accuses China of Violating Trade Agreement
Gerry Adams Wins Libel Case Against BBC
Russia Accuses Serbia of Supplying Arms to Ukraine
EU Central Bank Pushes to Replace US Dollar with Euro as World’s Main Currency
Chinese Woman Dies After Being Forced to Visit Bank Despite Critical Illness
President Trump Grants Full Pardons to Reality TV Stars Todd and Julie Chrisley
Texas Enacts App Store Accountability Act Mandating Age Verification
U.S. Health Secretary Ends Select COVID-19 Vaccine Recommendations
Vatican Calls for Sustainable Tourism in 2025 Message
Trump Warns Putin Is 'Playing with Fire' Amid Escalating Ukraine Conflict
India and Pakistan Engage Trump-Linked Lobbyists to Influence U.S. Policy
U.S. Halts New Student Visa Interviews Amid Enhanced Security Measures
Trump Administration Cancels $100 Million in Federal Contracts with Harvard
SpaceX Starship Test Flight Ends in Failure, Mars Mission Timeline Uncertain
King Charles Affirms Canadian Sovereignty Amid U.S. Statehood Pressure
Trump Threatens 25% Tariff on iPhones Amid Dispute with Apple CEO
Putin's Helicopter Reportedly Targeted by Ukrainian Drones
Liverpool Car Ramming Incident Leaves Multiple Injured
Australia Faces Immigration Debate Following Labor Party Victory
Iranian Revolutionary Guard Founder Warns Against Trusting Regime in Nuclear Talks
Macron Dismisses Viral Video of Wife's Gesture as Playful Banter
Cleveland Clinic Study Questions Effectiveness of Recent Flu Vaccine
Netanyahu Accuses Starmer of Siding with Hamas
Junior Doctors Threaten Strike Over 4% Pay Offer
Labour MPs Urge Chancellor to Tax Wealthy Over Cutting Welfare
Publication of UK Child Poverty Strategy Delayed Until Autumn
France Detains UK Fishing Vessel Amid Post-Brexit Tensions
Calls Grow to Resume Syrian Asylum Claims in UK
Nigel Farage Pledges to Reinstate Winter Fuel Payments
Boris and Carrie Johnson Welcome Daughter Poppy
×