[BreachExchange] SITA hack may have been worse than originally thought

Inga Goddijn inga at riskbasedsecurity.com
Mon May 24 10:17:47 EDT 2021


https://www.itproportal.com/news/sita-hack-may-have-been-worse-than-originally-thought/

Air India recently spoke up, saying data on 4.5 million of its customers
has likely been compromised.

It has emerged that a data breach that struck Indian IT operator SITA a few
months back was likely a lot worse than originally thought, with new
companies claiming to have suffered attacks as a result.

As reported by *TechCrunch*
<https://techcrunch.com/2021/05/23/air-india-passenger-data-breach-reveals-sita-hack-worse-than-first-thought/>,
Indian air company Air India has notified 4.5 million of its customers that
their data may have been compromised, and urged them to take action.

In a statement, the company said passenger names, credit card details,
birthdays, contact information, ticket data and passport data were all
compromised, as well as data relating to Star Alliance and Air India
frequent flyer programs.

While credit card CVV/CVC data was not held by SITA, Air India told its
customers to change passwords “wherever applicable to ensure the safety of
their personal data.” Whoever used Air India’s services in the past decade
(from February 2011) may have been compromised.

A few months ago, SITA notified the public of a data breach, saying it
reached out to Malaysia Airlines, Finnair, Singapore Airlines, Jeju Air,
Cathay Pacific, Air New Zealand, and Lufthansa.

According to the TechCrunch report, SITA serves more than 90 percent of the
world’s airlines, with India Express saying it has roughly 2,500 customers
in more than 200 countries. The investigation into the breach is still
ongoing, with an unnamed external security agency being brought in to
analyze the situation and help with the mitigation.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210524/43d55995/attachment.html>


More information about the BreachExchange mailing list