Air India cyber-attack affects 4.5 million customers

India’s national airline Air India has said a cyber-attack on its data servers affected four and a half million customers around the world.

The breach was first reported to the company in February. Details including passport and ticket information as well as credit-card data were compromised.

However, Air India said security details for credit cards – CVV or CVC numbers – were not stored on the server targeted.

It is not immediately clear who was behind the attack.

The airline, a member of the Star Alliance network, said the breach involved all information registered between 26 August 2011 and 20 February 2021.

Air India said no subsequent unauthorised activity had been detected.

The revelation comes as the hackers responsible for causing widespread disruption to the Irish health system have handed over the software tool to help it recover for free.

The Conti ransomware group was reportedly asking the health service for $20m (£14m) to restore services after the attack.

The Irish government says it is testing the tool and insists it did not, and would not, be paying the hackers.

Taoiseach (Irish prime minister) Micheál Martin said on Friday (21 May) that receiving the software tool was good, but that enormous work is still required to rebuild the system overall.

Conti is still threatening to publish or sell data it has stolen unless a ransom is paid.

On its darknet website, it told the Health Service Executive (HSE), which runs Ireland’s healthcare system, that “we are providing the decryption tool for your network for free”.

“But you should understand that we will sell or publish a lot of private data if you will not connect us and try to resolve the situation.”

It was unclear why the hackers gave the tool – known as a decryption key – for free, said Health Minister Stephen Donnelly.

“No ransom has been paid by this government directly, indirectly, through any third party or any other way. Nor will any such ransom be paid,” he told Irish broadcaster RTÉ.

“It came as a surprise to us. Our technical team are currently testing the tool. The initial responses are positive.”