MUMBAI: In the latest intrusion revealed by a major airline, hackers stole data on around 4.5 million Air India passengers around the world.
Air India said in a statement issued late Friday that names, credit card numbers, and passport details were among the data stolen.
The state-owned conglomerate said it was “securing the hacked servers” and consulting with credit card firms as well as “global experts” on data protection.
“We apologize for any disruption this has caused and appreciate our passengers’ continued support and confidence,” the airline said.
In recent years, a variety of airlines have experienced data breaches. After the records of 400,000 passengers were lost in a 2018 cyberattack, British Airways was fined $28 million by a British watchdog last year. In 2018, Cathay Pacific was fined $700,000 after the personal information of more than nine million customers was destroyed.
Last year, low-cost airline EasyJet revealed that hackers had stolen the email and travel information of about nine million customers.
In March, Air India reported that it had been notified of a cyberattack by its data processing firm, SITA PSS, in February. According to the carrier, the breach affected personal data collected between August 2011 and February 2021.
At the time, SITA, which provides IT backup to most of the aviation industry, said it had been the victim of a “highly advanced assault” that had impacted a variety of airlines.
Air India is a member of the Star Alliance airline alliance, and SITA manages the frequent flyer program’s computer activities.
Other alliance members warned passengers about the cyberattack in March, but most said only names and frequent flyer numbers were obtained.