Airlines Data Breach: SITA PSS Servers of Air India And Star Alliance Hacked in Cyber Attack; Personal Data of 45 Lakh Fliers, Including Credit Card Details Compromised


Mumbai, May 21: In a major cybersattack, servers of SITA PSS, the data processor of the passenger service system, were hacked recently. The cyberattack hit members of Star Alliance, including Air India. SITA PSS is responsible for storing and processing the personal information of fliers. Personal data, including name, DOB, contact info, passport info, ticket info and credit card details of Star Alliance fliers, was stolen. About 580,000 Frequent Fliers’ Data Breached, Says Singapore Airlines.

The data of around 4,500,000 flyers between August 26, 2011, and February 3, 2021, was compromised. However, the credit card CVV/CVC numbers are not held by the processor. The cyberattack has also affected passengers of other airlines, including Malaysia Airlines; Finnair; Singapore Airlines; and Jeju Air, an airline in South Korea, Cathay Pacific, Air New Zealand, and Lufthansa.

Air Indian, on May 15, also released a statement in this regard. In the statement, the airlines said, “This is to inform that SITA PSS our data processor of the passenger service system (which is responsible for storing and processing of personal information of the passengers) had recently been subjected to a cybersecurity attack leading to personal data leak of certain passengers. This incident affected around 4,500,000 data subjects in the world.” British Airways Website & App Hacked; Nearly 3.8 Lakh Passengers’ Details Compromised: Know If Your Name Is on the List.

Air India received information about the data breach on February 25, 2021. It added, “We would like to clarify that the identity of the affected data subjects was only provided to us by our data processor on March 24 and April 5.” Air India has already launched an investigation into the incident and also have started securing the compromised servers. Air India has also notified and liaised with the credit card issuers. Meanwhile, the affected airlines have apprised their passengers about the situation and asked them to change the password.

“While we and our data processor continue to take remedial actions including but not limited to the above, we would also encourage passengers to change passwords wherever applicable to ensure safety of their personal data,” Air India added.

In March this year, Singapore Airlines also claimed that around 580,000 privilege fliers, KrisFlyer and PPS members, were affected by a data breach. That data breach also involved the servers of SITA.

(The above story first appeared on Scoop Buddy on May 21, 2021 11:05 PM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website