Air India says 10 years of passenger data breached

India’s national airline Air India on Friday reported a data breach that it said involved the personal data, including contact details, credit card numbers and passport information, of an unspecified number of customers.

The national carrier said the compromise involved personal data registered between August 26, 2011 and February 20, 2021 and that the data was breached during a hack on its data processor, SITA, which disclosed a cyberattack in March.

SITA offers back-end network services to a number of airlines and several of them sent similar notifications to their customers earlier this month. The affected airlines included Lufthansa, Finnair, British Airways, Singapore Airlines, American Airlines and United, and involved close to 4.5 million records.