On Friday,India’s national airline Air India declared a data violation that it said intricated the personal data, including contact information, credit card numbers and passport information, of an undefined number of customers.The airline said the settlement involved personal data recorded between August 26, 2011 and February 20, 2021 and that the data was breached during a drudge on its data processor, SITA, which revealed a cyberattack in March.
SITA provides back-end network services to a number of airlines and many of them sent related notifications to their customers recently this month. The impacted airlines included Lufthansa, Finnair, British Airways, Singapore Airlines, American Airlines and United, and comprised near to 4.5 million records.
Air India stated the data of its customers included those that were recorded over a period of almost 10 years. “The breach involved personal data registered between 26 August 2011 and 3 February 2021, with details that included name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data (but no passwords data were affected) as well as credit cards data,” a statement from Air India said.