Data is the new oil. There is a worldwide competition to collect as much data as possible. This data can be used for our purpose or sold to interested parties for a handsome price. Therefore, the price of data on the market is pretty high. Whenever you can’t gather/generate the data on your own, you might resort to illegal means. You may want to launch cyber-attacks on various organizations’ data centers.
AIR India’s Passenger Service System Provider, SITA, was attacked by cyber hackers in February and lost valuable data of 45 lakh passengers. There was a breach of all data registered with the organization between August 26, 2011 and February 20, 2021. Data snatched away by the attackers included name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data (but not passwords) as well as credit card information.
When Air India got to know about this data breach, like a good old organization, they informed about the attack and consequent data breach. Little they knew that they will be slapped with a lawsuit of 30 lakh.
This lawsuit for 30 Lakh is filed by a Delhi-based journalist, who claims the breach violates her right to be forgotten and informational autonomy. Additionally, she charged Air India with deliberately leaking passengers’ data.
Advocate Ashwini Kumar Dubey is representing the journalist. The notice also read, “The noticee, Air India, is guilty of leaking the sensitive information and personal data of my client. She was shocked and alarmed to learn about the recent security lapse by the noticee, making my client’s data open to exploitation,”
How Air India responds to the notice will undoubtedly impact how these kinds of cases will be dealt with in the future