Air India hit by massive data breach, flyer data compromised

印度航空遭遇大规模数据泄露，乘客数据被盗

NEW DELHI: Air India’s customer database — name, date of birth, contact information, passport information, ticket information, frequent flyer data and also credit cards data — has suffered a massive security breach. In all, about “45 lakh data subjects” may have been leaked. The airline has informed affected passengers that the “breach involved some personal data registered between August 2011 and February 2021.” It adds that “no passwords data was affected.”

新德里消息：印度航空公司的客户数据库——姓名、出生日期、联系信息、护照信息、机票信息、飞行常客数据以及信用卡数据——遭遇重大安全漏洞。总共大约有“450万”名客户的数据被泄露。该航空公司已通知受影响的乘客，“泄露涉及2011年8月至2021年2月期间注册的一些个人数据。”该公司补充说，“密码数据未受影响。”

This is the second major airline data breach in last six months. Last December, some servers of IndiGo were also hacked and the airline had said there was a “possibility that some internal documents may get uploaded by the hackers on public websites and platforms.”

这是过去六个月里第二次重大航空公司数据泄露事件。去年12月，靛蓝航空的一些服务器也遭到黑客攻击，该航空公司曾表示，“黑客有可能将一些内部文件上传到公共网站和平台上。”

In a detailed statement, Air India said: “This is to inform that SITA PSS, our data processor of the passenger service system (which is responsible for storing and processing of personal information of the passengers) had recently been subjected to a cybersecurity attack leading to personal data leak of certain passengers. This incident affected around 45 lakh data subjects in the world. While we had received the first notification in this regard from our data processor on February 25, 2021, we would like to clarify that the identity of the affected data subjects was only provided to us by our data processor on March 25 and April 5.”

在一份详细的声明中，印度航空公司表示：“我们客运服务系统的数据处理系统(负责储存及处理乘客个人资料)最近受到网络安全攻击，导致个别乘客的个人资料外泄。”这一事件影响了全球约450万名数据主体。虽然我们在2021年2月25日从我们的数据处理机构收到了有关这方面的第一份通知，但我们想澄清的是，受影响的数据当事人的身份是我们的数据处理机构在3月25日和4月5日才向我们提供的”

The breach involved personal data registered between August 26, 2011, and February 3, 2021, with details that included name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data (but no passwords data were affected) as well as credit cards data. However, in respect of this last type of data, CVV/CVC numbers are not held by our data processor, Air India said in a statement.

此次泄露涉及2011年8月26日至2021年2月3日期间注册的个人数据，包括姓名、出生日期、联系信息、护照信息、机票信息、星空联盟和印度航空的飞行常客数据(但密码数据未受影响)以及信用卡数据。印度航空公司在一份声明中表示:“然而，关于最后一类数据，CVV/CVC数据并不由我们的数据处理器保存。”

The airline said it has taken steps to ensure data safety, including “investigating the data security incident; securing the compromised servers; engaging external specialists of data security incidents; notifying and liaising with the credit card issuers and resetting passwords of Air India FFP program.”

该航空公司表示，已采取措施确保数据安全，包括“调查数据安全事件，保护被破坏的服务器;聘请外部数据安全事件专家;通知并联络信用卡发卡机构，并重新设置印航FFP计划的密码。”

以下是印度时报读者的评论：译者：Jessica.Wu

sg global

It's because of Congress & Nehru data was breached . BJP is best party of India ...

数据被泄露是因为国大党和尼赫鲁，人民党是印度最优秀的政党…

Vishnu

As long as modiji is there, nothing is impossible

只要莫迪还在位，没有什么是不可能的

Aditya Sharma

What is the Govt doing? All around Failures. Lakhs dead because of Covid. Economy in the gutter. Donating vaccines without ordering for Indians. Bodies floating on Ma Ganga. Now, data breach

政府在做什么?

方方面面都失败了，数十万人死于新冠肺炎，经济不景气，不为印度人订购疫苗，

把疫苗捐给其他国家，恒河上漂浮着尸体。

现在数据又泄露了

Rashmi Prakash

Instead of crying that foreign hackers hack your system upgrade your system security..Most people in govt organization are from quota category, so very limited knowledge..This sort of things bound to happen.

与其抱怨外国黑客入侵系统，不如升级自己的系统安全。

eu

they had internet since mahabharat era, guess they have not upgraded their cyber security since

他们从摩诃婆罗多时代就有了互联网，我猜他们从那以后就没有升级过网络安全

Prasad Koranne

It's all because of NaMo, earth moves because of Modiji.

这都怪莫迪，地球转动也是因为莫迪。

Vasaikars M

It is all nehru’s fault.

都是尼赫鲁的错

Patriot

Bad, inefficient dishonest management are the reasons for this breach. Government should sell this white elephant entity rightaway.

造成数据泄露是糟糕的、低效的、不诚实的管理层，印度政府应该立即卖掉这家一无是处的公司。

Jeetendra Makhija

All those who have used Air-India's services should get their cards replaced and should also change their passwords too.

所有使用过印度航空服务的人都应该换卡

Muralidhar Jyoti

Who the hell is responsible for this. What is the use of cyber security?

谁要对此负责？网络安全有什么用?

Shobitro Chatterjee

Modiji murdabad... please resign!!!

莫迪，请辞职！

Sendil Kumar

In India.. whatever happens modi is held responsible..how stupid of the haters..go get a life..

在印度. .不管发生什么，莫迪都要负责。

Go Corona Go

Definitely Nehru is to be blamed. He nationalized Air India in 1953. Modi and his Bhakts had warned him not to do that but he didn't listen to them.

肯定是怪尼赫鲁。1953年，他将印度航空公司收归国有。莫迪和他的支持者警告过他不要这么做，但他没有听他们的。

Shasti Brata

Nothing surprising here.

这没什么好奇怪的。

Guest

Why there is a delay in implementing Data Privacy Law in India. We need stringent measures like GDPR. Govt should enact Data Privacy Law in India asap

为什么印度延迟实施数据隐私法。我们需要像GDPR这样的严格措施。印度政府应该尽快颁布数据隐私法

Stawan Mujumdar

So weak security in India that any Indians info is only public information now a days.

印度的安全如此薄弱，以至于印度人的信息现在都是公开的了。

Original Patel

Why india is hated all over the world?

为什么全世界都讨厌印度?

Sanjoy Pandey

There is no doubt some corrupt people are involved in it, who should be punished.

毫无疑问，一些腐败分子参与其中，他们应该受到惩罚。

Narendra Mertia

Serious lapses in the part of Air India.

印度航空公司严重失职。