India's national carrier Air India on Friday announced that a recent cyber attack affected over 45 lakh flyers -- both domestic and international customers -- who had their passports, phone numbers and credit cards details "accessed".
In an email to its customers, also released on Twitter, Air India said it first became aware of the cyber attack, which led to the leakage of 10 years' worth of customer data, some three months ago and had immediately ordered a probe."SITA PSS, our data processor of the passenger service system, had recently been subjected to a cybersecurity attack leading to personal data leak of certain passengers. This incident affected around 4,500,000 data subjects in the world," Air India said.
"The breach involved personal data registered between 26th August 2011 and 3rd February 2021, with details that included name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data (but no passwords data were affected) as well as credit cards data," it added.
The national carrier said it had ordered a probe into the data leak in February itself, UNB reported.
The airline is the largest international carrier out of India, with an 18.6% market share. Over 57 domestic destinations and 45 international destinations in 31 countries across five continents are served by Air India.