Air India passengers' personal data leaked in a cyber attack does not include CVV number

Air India passengers' personal data leaked in a cyber attack does not include CVV number
Nearly 4.5 lakh people's personal details were leaked in the breach.Flickr
National carrier Air India on Friday reported that some information of its passengers has been compromised in a massive cyber data breach with its vendor SITA PSS.

According to industry sources, the data breach has impacted other global airlines as well.

Recently, systems of SITA PSS came under a cyber-security attack leading to personal data leak of certain passengers.

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More
The vendor is responsible for storing and processing of personal information of the passengers.

In a statement on Friday, Air India said the incident has affected around 4,500,000 data subjects in the world.


"The breach involved personal data registered between 26th August 2011 and 3rd February 2021, with details that included name, date of birth, contact information, passport information, ticket information, 'Star Alliance' and 'Air India' frequent flyer data (but no passwords data were affected) as well as credit cards data."

"However, in respect of this last type of data, CVV or CVC numbers are not held by our data processor."

The airline said it is investigating the data security incident, securing the compromised servers, engaging external specialists of data security incidents, and notifying and liaising with the credit card issuers.

Furthermore, the airline said the data processor has ensured that no abnormal activity was observed after securing the compromised servers.

"While we and our data processor continue to take remedial actions including but not limited to the above, we would also encourage passengers to change passwords wherever applicable to ensure safety of their personal data."

"The protection of our customers' personal data is of highest importance to us and we deeply regret the inconvenience caused and appreciate continued support and trust of our passengers."

Crypto enthusiasts now hate Elon Musk; launch a new cryptocurrency called StopElon
India’s largest bank is paying out a dividend for the first time in four years
Salt, water and the hunt for life — Here are the biggest discoveries about Mars in the last three months