Credit cards, passports and phone numbers are among information leaked in massive data breach at Air India, the airline said on Friday, disclosing the incident over three months after it was first informed, according to news agency ANI.
“The data breach involved personal data registered between 26th Aug 2011 and 3rd Feb 2021, with details including name, DOB (Date of Birth), contact info, passport info, ticket info, Star Alliance and Air India frequent flyer data (no passwords data affected) and credit cards data,” the airline was quoted as saying by ANI.
“This incident affected around 4,500,000 data subjects in the world. In respect of credit cards data, CVV/CVC numbers are not held by our data processor. Further, our data processor has ensured that no abnormal activity was observed after securing the compromised servers,” it said.
“Following measures to ensure safety of data immediately taken – investigating data security incident, securing compromised servers, engaging external specialists of data security incidents, notifying and liaising with credit card issuers, resetting passwords of Air India FFP programme,” the airline added.