Air India flyer seeks damages over data breach
New Delhi: An Air India flyer has sought damages from the airline after the recent leak of personal data of 4.5 million passengers including hers and her husband's.
A legal notice was sent to Air India management on Sunday by Ritika Handoo in which she said that the airline informed her about the breach on June 1, her lawyer said. Terming the breach as a violation of her "right to be forgotten and informational autonomy", she sought a compensation of Rs 30 lakh.
Air India's passenger service system provider SITA faced a sophisticated cyberattack in February this year leading to the leak of personal data of 4.5 million passengers -- which included passengers of the national carrier -- from across the world, the email sent by the carrier said.
"The breach involved personal data registered between August 26, 2011 and February 20, 2021, with details that included name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data (but no passwords data were affected) as well as credit cards data.
"However, in respect of this last type of data, CVV/CVC numbers are not held by our data processor," the email said.
Handoo, a Delhi-based journalist, in her notice to Air India accused it of "knowingly, intentionally and deliberately leaking the personal data and for breach of sensitive information." "Noticees (Air India) are the guilty of leaking the sensitive information and personal data of my client.