Air India discloses data of 4.5m passengers were stolen in SITA cyber attack

Air India passenger data, across a 10-year period, was stolen in the February cyber attack suffered by SITA.
Written by Campbell Kwan, Contributor
Image: Getty Images

Three months after global aviation industry IT supplier SITA fell victim to a cyber attack, Air India has disclosed the incident resulted in the data of around 4.5 million of its passengers being stolen.

The breach involved personal data spanning almost 10 years, from 26 August 2011 to 3 February 2021, Air India said in a statement [PDF]. The stolen information included name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data, and credit card data.

No frequent flyer passwords or CVV/CVC data were stolen, however, as this information was not held by SITA.

SITA, an information technology and communications company, is the data processor of Air India's passenger service system.    

While the SITA cyber attack was first discovered at the end of February, Air India said it only understood the severity of the cyber attack last month. Since then, Air India has been conducting investigations, securing compromised servers, engaging external specialists, notifying and liaising with credit card issuers, and resetting passwords of the Air India FFP program, it said.

When the cyber attack was disclosed, SITA said Star Alliance and One World airlines were affected. Alongside Air India, this included Finnair, Japan Airlines, Jeju Air, Lufthansa, Malaysia Airlines, Air New Zealand, Cathay Pacific, Singapore Airlines, among others.

In March, Singapore Airlines disclosed 580,000 of its frequent flyer members were compromised in the cyber attack.

According to SITA, the vendor serves around 90% of the world's airlines, which amounts to 2,800 customers including airlines, airports, and government agencies.

Over the weekend, a handful of airlines were forced to cancel or delay flights after Sabre suffered a global IT outage. Virgin Australia, American Airlines, and Alaska Airlines were among the airlines affected. 

Sabre blamed the outage on its hardware provider, Dell EMC. 

"Dell/EMC has confirmed it experienced a hardware redundancy failure that impacted Sabre's system, including PSS and check-in," Sabre told ZDNet. "The issue has been resolved. Dell/EMC is working to understand why the failure occurred."

Related Coverage

Editorial standards