Air India data breach

Last updated

The 2021 Air India cyberattack was a cyberattack that affected more than 4.5 million customers of Air India airlines. [1]

Contents

Cyberattack

On 21 May 2021, it was reported that Air India was subjected to a cyberattack whereas the personal details of about 4.5 million customers around the world were compromised including passport, credit card details, birth dates, name and ticket information. [2] [3] [4]

Air India's data processor, SITA which is a Swiss technology company known for offering passenger processing and reservation system services reported the data breach to Air India in around February 2021. [3] The data breach involved all information which was registered in the SITA data processor between 26 August 2011 and 20 February 2021. [5] [6] [7] It was also revealed that the cyberattackers gained access to the systems for a period of 22 days. [8]

It was reported that the compromised servers by the hackers were later secured and Air India took steps by engaging external data security specialists. Air India also guaranteed its passengers that there was no conclusive evidence on whether any misuse of the personal data has been reported. The airlines also urged and encouraged the passengers to immediately change their passwords. [9]

Related Research Articles

<span class="mw-page-title-main">Timeline of Internet conflicts</span>

The Internet has a long history of turbulent relations, major maliciously designed disruptions, and other conflicts. This is a list of known and documented Internet, Usenet, virtual community and World Wide Web related conflicts, and of conflicts that touch on both offline and online worlds with possibly wider reaching implications.

A supply chain attack is a cyber-attack that seeks to damage an organization by targeting less secure elements in the supply chain. A supply chain attack can occur in any industry, from the financial sector, oil industry, to a government sector. A supply chain attack can happen in software or hardware. Cybercriminals typically tamper with the manufacturing or distribution of a product by installing malware or hardware-based spying components. Symantec's 2019 Internet Security Threat Report states that supply chain attacks increased by 78 percent in 2018.

Cyberwarfare by China is the aggregate of cyberattacks attributed to the organs of the People's Republic of China and various related advanced persistent threat (APT) groups.

A cyberattack occurs when there is an unauthorized action against computer infrastructure that compromises the confidentiality, integrity, or availability of its content.

<span class="mw-page-title-main">2014 JPMorgan Chase data breach</span> Cyberattack against an American bank

The 2014 JPMorgan Chase data breach was a cyberattack against American bank JPMorgan Chase that is believed to have compromised data associated with over 83 million accounts—76 million households and 7 million small businesses. The data breach is considered one of the most serious intrusions into an American corporation's information system and one of the largest data breaches in history.

The 2016 Indian bank data breach was reported in October 2016. It was estimated 3.2 million debit cards were compromised. Major Indian banks, among them SBI, HDFC Bank, ICICI, YES Bank and Axis Bank, were among the worst hit. The breach went undetected for months and was first detected after several banks reported fraudulent use of their customers’ cards in China and the United States, while these customers were in India.

The city of Atlanta, Georgia was the subject of a ransomware attack which began in March 2018. The city recognized the attack on Thursday, March 22, 2018, and publicly acknowledged it was a ransomware attack.

The 2018 SingHealth data breach was a data breach incident initiated by unidentified state actors, which happened between 27 June and 4 July 2018. During that period, personal particulars of 1.5 million SingHealth patients and records of outpatient dispensed medicines belonging to 160,000 patients were stolen. Names, National Registration Identity Card (NRIC) numbers, addresses, dates of birth, race, and gender of patients who visited specialist outpatient clinics and polyclinics between 1 May 2015 and 4 July 2018 were maliciously accessed and copied. Information relating to patient diagnosis, test results and doctors' notes were unaffected. Information on Prime Minister Lee Hsien Loong was specifically targeted.

The EasyJet data breach was a cyberattack on the computer systems of British airline EasyJet.

Data breach incidences in India were the second highest globally in 2018, according to a report by digital security firm Gemalto. With over 690 million internet subscribers and growing, India has increasingly seen a rise in data breaches both in the private and public sector. This is a list of some of the biggest data breaches in the country.

<span class="mw-page-title-main">2020 United States federal government data breach</span> US federal government data breach

In 2020, a major cyberattack suspected to have been committed by a group backed by the Russian government penetrated thousands of organizations globally including multiple parts of the United States federal government, leading to a series of data breaches. The cyberattack and data breach were reported to be among the worst cyber-espionage incidents ever suffered by the U.S., due to the sensitivity and high profile of the targets and the long duration in which the hackers had access. Within days of its discovery, at least 200 organizations around the world had been reported to be affected by the attack, and some of these may also have suffered data breaches. Affected organizations worldwide included NATO, the U.K. government, the European Parliament, Microsoft and others.

ShinyHunters is a black-hat criminal hacker group that is believed to have formed in 2020 and is said to have been involved in numerous data breaches. The stolen information is often sold on the dark web.

<span class="mw-page-title-main">Health Service Executive ransomware attack</span> 2021 cyber attack on the Health Service Executive in Ireland

On 14 May 2021, the Health Service Executive (HSE) of Ireland suffered a major ransomware cyberattack which caused all of its IT systems nationwide to be shut down.

Lapsus$, stylised as LAPSUS$ and classified by Microsoft as Strawberry Tempest, is an international extortion-focused hacker group known for its various cyberattacks against companies and government agencies. The group was active in several countries, and has had its members arrested in Brazil and the UK in 2022. According to City of London Police at least two of the members were teenagers.

In September 2022, Australian telecommunications company Optus suffered a data breach that affected up to 10 million current and former customers comprising a third of Australia's population. Information was illegally obtained, including names, dates of birth, home addresses, telephone numbers, email contacts, and numbers of passports and driving licences. Conflicting claims about how the breach happened were made; Optus presented it as a complicated attack on its systems while an Optus insider and the Australian Government said a human error caused a vulnerability in the company's API. A ransom notice asking for A$1,500,000 to stop the data from being sold online was issued. After a few hours, the data thieves deleted the ransom notice and apologised for their actions.

The 23andMe data leak was a data breach at personal genomics company 23andMe reported in October 2023. The cyberattack gathered profile and ethnicity information from millions of users. The affected customers were reported as primarily Ashkenazi Jews but also including hundreds of thousands of ethnically Chinese users. The hacker(s) stole information customers had chosen to share with their DNA matches, which could include name, profile photo, birth year, location, family surnames, grandparents' birthplaces, ethnicity estimates, mitochondrial DNA haplogroup, Y-chromosome DNA haplogroup, link to external family tree, and any text content a customer had optionally included in their "About" section. On October 6, 2023, the company confirmed that the hacker(s) had illicitly accessed data on approximately 6.9 million users.

<span class="mw-page-title-main">IntelBroker</span> Black-hat Hacker

IntelBroker is a Serbian black hat hacker active since October 2022, who has committed several high-profile cyber attacks. Their targets have included Europol, Pandabuy, and Apple, with over 80 sales and leaks of compromised data having been traced to them. They claim to be currently residing in Russia for security reasons.

References

  1. "Air India cyber-attack: Data of millions of customers compromised". BBC News. 22 May 2021. Retrieved 23 May 2021.
  2. "Cyber-Attack on Air India Led to Data Leak of 4.5 Million Fliers". Bloomberg. 22 May 2021. Retrieved 23 May 2021.
  3. 1 2 "Explained: What is the data breach that has hit Air India customers?". The Indian Express. 22 May 2021. Retrieved 23 May 2021.
  4. "Air India cyberattack: Personal data of over 4.5 million passengers leaked". The Irish Times. Retrieved 23 May 2021.
  5. "Air India flyers' data leaked after cyberattack, 45 lakh affected". The Indian Express. 22 May 2021. Retrieved 23 May 2021.
  6. "Air India: Hackers stole personal data of 4.5M people in cyber attack". Air India: Hackers stole personal data of 4.5M people in cyber attack. Retrieved 23 May 2021.
  7. "Air India data breach: Personal info of 45 lakh people leaked due to 'cyberattack'". The Economic Times. 22 May 2021. Retrieved 23 May 2021.
  8. Sinha, Saurabh (22 May 2021). "Air India data breach: SITA says cyber attackers 'accessed some systems for 22 days at Atlanta centre'". The Times of India. Retrieved 23 May 2021.
  9. "Air India data breach: All you need to know". Hindustan Times. 22 May 2021. Retrieved 23 May 2021.

See also

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.