45 lakh flyers’ details leaked in massive Air India data breach

The airline said it has secured the compromised servers by engaging external specialists in data security

The breach involved personal data registered between 26th August 2011 and 3rd February 2021

Air India’s passenger service system provider SITA faced a sophisticated cyberattack in February this year, leading to the leak of personal data of 4.5 million passengers from across the world, including passengers of the national carrier, PTI said, quoting official sources. SITA is based in Geneva, Switzerland.

Personal data of a certain number of Air India’s passengers, registered between August 11, 2011, and February 3, 2021, has been leaked, the statement issued by the airline said. The data includes name, date of birth, contact information, passport information, ticket information and credit card data.

“While we and our data processor continue to take remedial actions… We would also encourage passengers to change passwords wherever applicable to ensure safety of their personal data,” it said.

“Air India would like to inform its valued customers that its passenger service system provider has informed about a sophisticated cyber-attack it was subjected to in the last week of February 2021,” the airline said.


While the level and scope of sophistication are being ascertained through forensic analysis and the exercise is ongoing, SITA has confirmed that no unauthorised activity has been detected inside the system’s infrastructure after the incident, it added.

“Air India meanwhile is in liaison with various regulatory agencies in India and abroad, and has apprised them about the incident in accordance with its obligations,” the airline said.

However, with respect to credit cards’ data, CVV/CVC numbers are not held by SITA, the airline clarified.

It said that the identity of its affected passengers was provided to it by SITA only on March 25 and April 5. Air India, along with the service provider, is carrying out a risk assessment and would provide further updates as and when they become available, it said.

The airline said it has taken the following steps after the data security incident: securing the compromised servers, engaging external specialists on data security incidents, notifying and liaising with the credit card issuers, and resetting the passwords of the Air India frequent flyer programme.