SITA hack may have been worse than thought following Air India breach
Hackers had access to SITA servers for over 22 days
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Thedata breach affecting airline data giant SITAis still having a damaging effect across the world, according to new disclosures about the hack.
Indian airline Air India has revealed that the personal data of around 4.5 million travellers was affected by the SITA hack, with information such as names, date of birth, contact information, passport information, frequent flyer and credit cards data number all affected.
Air India is now urging passengers registered between August 26 2011 and February 3 2021 to change passwords immediately to ensure their accounts are not further affected. The airline added that CVV/CVC numbers used for payment processing are not saved by SITA, so were not impacted.
SITA breach
As a result of the breach, Indian Airlines states that it has taken necessary steps to secure the data saved on the compromised servers and has engaged with “external specialists of data security incidents, contacting credit card issuers and resetting passwords of its frequent flyer programme.”
The breach follows a sophisticated and sustained series of attacks that were carried out on SITA over the course of several weeks. Along with Air India, the Geneva-based firm handles consumer data of various airlines, Singapore Airlines, Lufthansa, and United.
Almost a dozen differentairlineshad to inform passengers that some of their data has been accessed after an intruder managed to breach the SITA Passenger Service System (PSS) used to handle transactions from ticket reservations to boarding.
ViaBleepingComputer
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Jitendra has been working in the Internet Industry for the last 7 years now and has written about a wide range of topics including gadgets, smartphones, reviews, games, software, apps, deep tech, AI, and consumer electronics.
This new phishing strategy utilizes GitHub comments to distribute malware
Should your VPN always be on?
VIPRE Security Group says its new endpoint protection tools can stamp out even the latest cybersecurity threats
