Hackers infiltrated the servers of Air India Ltd. and gained access to personal data of 4.5 million fliers, the nation’s flag carrier said.
Personal data of passengers registered between August 2011 and February 2021 were compromised in the attack, the carrier said in a note to fliers that was shared via Twitter. The details included credit card and contact information and frequent flier data.
The breach raises fresh concerns after allegations earlier this year that Chinese intrusions may have affected operations at a key stock exchange and disrupted power supply in Mumbai, the country’s commercial hub. Cyber-attacks have become a growing threat in recent months with hacker groups targeting research institutions in Japan to American government agencies, businesses and health facilities.
Air India found out about the attack first in February. The airline has taken several steps since including investigating the incident and securing the compromised servers.
“No abnormal activity was observed after securing the compromised servers,” the carrier’s notice said. “We would also encourage passengers to change passwords wherever applicable to ensure safety of their personal data.”
India is mulling a new national strategy to strengthen the country’s cybersecurity.
