India’s national carrier and largest international airline informed the public of the breach on Friday.
“This incident affected around 4,500,000 data subjects in the world,” the company said in a statement.
The airline explained that hackers have gained access to personal information that was registered between August 26, 2011 and February 3, 2021. The stolen data included passengers’ names, dates of birth, contacts, passport details, and ticket information.
The credit card data was also compromised, but Air India said that CVV/CVC numbers were “not held by our data processor.”
The company also said that “no passwords were affected.” It added that “external specialists” had been brought in to help secure the compromised servers.
A number of major airlines, including British Airways and EasyJet, as well as airline service providers, have fallen victim to successful cyberattacks in recent years.
British Airways was fined £20 million ($28 million) by the UK’s data protection regulator last year after the personal information of more than 400,000 customers was stolen.
Think your friends would be interested? Share this story!
© 2021, paradox. All rights reserved.