Saurabh Sinha  

a airplane that is sitting on a runway at an airport© Provided by The Times of India

NEW DELHI: The customer data breach of several airlines, including Air India, was not a one-off incident but a sustained and “highly sophisticated” cyber-attack that lasted over three weeks at SITA’s passenger service system (PSS) data centre in the US.

Given the duration of the breach, AI says the customer data base registered in almost a decade of 45 lakh passengers — including their name, date of birth, contact information, passport information, frequent flyer and credit cards data — was breached. SITA, one of the world’s leading air transport communications and IT companies, says the cyber-attack affected its passenger personal data of various airlines, including AI, stored on its servers.

“SITA confirms that its passenger processing services were the victim of a highly sophisticated but limited cyber-attack that affected passenger personal data stored on servers in SITA PSS’s data centre in Atlanta, Georgia, US… Our investigations indicate that the total period during which the cyber-attacker(s) were able to access some of our systems was 22 days. After confirmation of the seriousness of the data security incident, SITA PSS took immediate action to contact our customers (airlines) and all related organisations. Our investigations are ongoing,” SITA’s global head of communications, Edna Ayme-Yahil, told TOI Saturday.

“Air India, a customer of SITA PSS, was provided with the details of the exact type of data that had been compromised, including details of the number of data records within each of the relevant data categories,” Ayme-Yahil said. AI says the breach involved personal data registered for almost a decade between August 2011 and February 2021.

“Each affected airline has been provided with the details of the exact type of data that has been compromised, including details of the number of data records within each of the relevant data categories…. it does include some personal data of (several) airline passengers,” she said.

While not disclosing further details due to security reasons, she said SITA in association with leading external experts in cyber-security and forensics “sharing technical information with airlines regarding the ‘tactics, techniques and procedures’ and ‘indicators of compromise’ used by the cyber-attacker(s).”

“We recognise that Covid-19 pandemic has raised concerns about security threats, and, at the same time, cyber-criminals have become more sophisticated and active. This was a highly sophisticated attack. SITA acted swiftly and initiated targeted containment measures. The matter remains under continued investigation by SITA with the support of leading external experts in cyber-security,” SITA said in a statement.

Air India had on Friday said in a statement: “… SITA PSS, our data processor of the passenger service system (which is responsible for storing and processing of personal information of the passengers) had recently been subjected to a cybersecurity attack leading to personal data leak of certain passengers. This incident affected around 45 lakh data subjects in the world…. identity of the affected data subjects was only provided to us by our data processor on March 25 and April 5….

The breach involved personal data registered between August 26, 2011, and February 3, 2021, with details that included name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data (but no passwords data were affected) as well as credit cards data. However, in respect of this last type of data, CVV/CVC numbers are not held by our data processor.”

Air India data breach: SITA says cyber attackers ‘accessed some systems for 22 days at Atlanta centre’

Leave a Reply

Your email address will not be published. Required fields are marked *