Major Indian airline breached: Hackers and database traders’ business

May 24, 2021

It was another murky, fine dark day in our routine Dark Web Monitoring activities when posts from private hacking groups, public criminal forums and mainstream surface web forums suddenly began talking about a breach of Air India by hackers. The data is currently being traded by various threat actors and is sought after by organizations across the security spectrum.

Here is a sample screenshot where a lurker rang the alarm bells in this notorious forum.


[Image 1: screenshot of the forum post]



As revealed in the photo above, it is said that Air India’s servers were hacked. According to multiple sources, the following data were exposed in the hack:

  • Passengers’ Names
  • Dates of Birth
  • Contacts / Mobile numbers
  • Passport Information
  • Ticket information
  • 16 Digit Card Data used by the customers

Total Number of affected customers: 4500000


According to the affected airline, Air India, passwords and, most importantly, the CVVs of the concerned bank cards were not affected, mainly because the data processor that handles the CVVs was not affected by the breach.

For travelers who fly often, this is a cause for worry, because you never know when you will become the next victim. Over the past few years, British Airways and EasyJet have also fallen prey to successful cyberattacks.

Now here is what these hackers can gain from stealing personally identifiable information and other essential details; check out the screenshot:


[Image 2: screenshot of the database leak offered for sale]


As we can see, some prominent data trader groups are selling the database leak at an updated price of 1500 USD. The price used to be much higher, and the data was known to be exclusive to one seller. Assuming that the traders succeed in selling the data, resellers will sell it at a lower price to attract buyers. As time goes by, the value of a data breach goes down as the market becomes saturated. In most circumstances, the data eventually becomes free to download. For those actors who purchase data while the leak is fresh, there are specific uses and reasons why these data are bought and sold in the first place. These personal details may potentially lead to a well-thought-out phishing campaign or to advanced banking malware that can target similar information or much more! We are currently on the lookout for banking data to help secure the banking industry affected by this hack.

iZOOlogic believes it is urgent that any company affected by a data breach find out all the data that was stolen so that it can plan and implement mitigations. It is also possible to deal with traders to stop their activities on a particular data breach through negotiations. Better yet, seal the negotiation before any of the first-hand sellers sell these data to resellers. It comes with a price, but getting sued under privacy laws can be pricier too. We offer our Data Loss Recovery services to fast-track such negotiations and deal with data breach trading before it spreads like wildfire in the wild through resellers.

