Air India: At least 4.5 Million People’s Data Exposed Following IT System Hack

Approximately three hundred million people are at risk of identity theft due to major data breaches over the past decade. Among the numerous cases in which various reputed organisations have fallen victim to unethical cyberattacks, the most recent is the data breach in the system of Air India.

This state-owned company, regulated by Air India Limited, is referred to as the country’s flag carrier airline. It operates a fleet of Airbus and Boeing aircraft flying to around 102 domestic and international destinations.

The “sophisticated attack,” which took place around February 2021, was officially announced by the company in May.

According to their announcement and the analysis of experts, this sudden unethical attack on the company’s servers leaked around 4.5 million customer records.

The Data Breach and Its Losses

The SITA Passenger Service operates the Passenger Service System (PSS) server  of Air India, which was hacked by cybercriminals in a “sophisticated attack.” This is a type of cyberattack where the cybercriminals do not target individual users but attack the cloud or wireless access point through which users trade or store their sensitive information.

Evidently, this SITA-managed PSS was responsible for storing and handling all sensitive and personal passenger information related to payment and booking flights. Around March, they issued a statement mentioning the casualties of the data breach. However, this statement did not specify the number and type of victims.

The official statement of the breach by Air India in May finally sated all the speculations and revealed in detail the casualties due to the breach.

Per their official reports –

1. 1. The data breach affected approximately 4,500,000 data subjects worldwide. However, this number does not exclusively refer to their customers. There is no official information on how many of their customers were directly affected by this security breach.
   2. The leaked information included names, passports, and payment details of the involved individuals.
   3. The cybercriminals accessed the past 10 years Air India-related transaction history of the affected individuals.
   4. The company confirmed that no CVV/CVC information of the victims was hacked by the cybercriminals.
   5. The list of victims also includes other airlines that were managed by SITA operators such as Star Alliances, members of Singapore Airlines, New Zealand Air, and Lufthansa.

In their press release, the authorities of Air India informed that there had been no further disturbances on the Passenger Service System after the first attack in February.

Precautions Taken By The Company

In the above statement, Air India mentioned the immediate actions they took to inquire about the data breach. Officials reported that the ongoing forensic analysis would determine the extent and impact of the sophisticated attack.

Before they’re able to track down the perpetrators or retrieve back the lost information, the SITA operators have employed a new round of security measures to prevent any further data breaches.

The company announced a multitude of new precautionary measures like –

1. Re-establishing and reprogramming existing firewalls and building new security systems.
2. Engaging external data security specialists in building stronger and reliable gateways through the PSS.
3. Sending individual notifications about the breach to each of the affected victims. Simultaneously erasing their transaction data and changing the passwords.
4. Resetting all the passwords of the entire flyer program associated with the breached PSS server.
5. Stringently monitoring all the data transaction activities through PSS servers and related operating systems.

Primarily they’re focusing on reshuffling and reprogramming the entire system to close any loopholes of the PSS. The technical experts at Air India are working to implement these methods as early as possible to stem any monetary loss of their customers.

How Can I Save Myself?

In the declaration, the company has argued all their users change their existing password used with Air India.

To protect themselves from the breach, users are advised to –

1. Change and reset existing usernames.
2. Sing Out from all the Air India-related online portals.
3. Log In using separate emails and username.

Until the company is issuing further notices, undertaking these steps will help the users secure their data from their end.

Conclusion

Tech companies and browsers are developing new methods to strengthen their gateways and protect themselves from cyberattacks. But after the first major data breach of food tech company Domino’s, this sophisticated attack on Air India is worrying tech owners in India for potential cyberattacks in future. Hence, companies need to take quick and effective security measures to ensure data security on their end as well as on the end of their customers.

References

• https://news.sky.com/story/air-india-at-least-4-5-million-peoples-data-exposed-following-it-system-hack-12314505
• https://bit.ly/3fX4NAx
• https://www.sciencedirect.com/topics/computer-science/sophisticated-attack
• http://www.airindia.in/
• https://www.identityforce.com/blog/2021-data-breaches

Written by The Original PC Doctor on 25/06/2021.