Air India disclosed a information breach after private facts belonging to more or less 4.five million of its clients turned into leaked months following the hack of Passenger Service System issuer SITA in February 2021.

The Indian country-wide service first knowledgeable passengers that SITA turned into the sufferer of a cyberattack on March 19.

“This is to tell that SITA PSS our information processor of the passenger provider system (that is answerable for storing and processing of private facts of the passengers) had these days been subjected to a cybersecurity assault main to private information leak of positive passengers,” Air India stated in a breach notification despatched over the weekend.

“This incident affected round 4,500,000 facts topics withinside the world.”

The airline delivered that the breach impacted the facts of passengers registered among August 2011 and February 2021.

Nevertheless, after investigating the safety incident, it become observed that no credit score card facts or password facts become accessed in the course of the breach.

However, Air India urges its passengers to alternate their credentials to dam capability breach tries and make sure their facts security.

“The breach concerned private facts registered among twenty sixth August 2011 and third February 2021, with info that covered name, date of birth, touch facts, passport facts, price price tag facts, Star Alliance, and Air India common flyer facts (however no passwords facts had been affected) in addition to credit score playing cards facts

Data breach influences Star Alliance members

Almost a dozen extra commercial airlines except Air India knowledgeable passengers that a number of their records become accessed for the duration of a breach of SITA’s Passenger Service System (PSS), which handles transactions from price price tag reservations to boarding.

SITA additionally showed the incident announcing that it reached out to affected PSS clients and all associated groups in early March.

At the time, a SITA spokesperson instructed BleepingComputer that the breach influences records of passengers from more than one airlines, consisting of:

Lufthansa - blended with its subsidiaries, it's far the second-biggest airline in Europe in phrases of passengers carried; Star Alliance member and Miles & More partner
Air New Zealand - flag provider airline of New Zealand
Singapore Airlines - flag provider airline of Singapore
SAS - Scandinavian Airlines (disclosure here); 
Cathay Pacific - flag provider of Hong Kong
Jeju Air - the primary and biggest South Korean low-fee airline
Malaysia Airlines - flag provider airline of Malaysia
Finnair - flag provider and biggest airline of Finland

Some of those air carriers (consisting of Air India) are a part of the Star Alliance, an international airline community with 26 individuals, consisting of Lufthansa, the most important in Europe.

Star Alliance instructed BleepingComputer that its individuals additionally percentage patron info applicable to awarding journeying benefits.

The statistics is constrained to club names, common flyer software club numbers, and software tier status.