Question : Action for Breach of Passenger Service System

(a) the details of the action taken by SITA (an aviation IT company) after breach of its Passenger Service System (PSS) under which data of passengers has been breached through a cyber attack;
(b) whether the Government has taken any action on the said IT company and if so, the details thereof;
(c) whether the Government has allowed SITA to store PSS outside India and if so, the reasons therefor; and
(d) whether the Government proposes to replace SITA by other service provider, if so, the details thereof and if not, the reasons therefor?

Minister of State in the Ministry of CIVIL AVIATION (GEN. (DR) V. K. SINGH (RETD))

(a): SITA has confirmed that several specific actions have been taken by them to strengthen various IT systems and processes to avoid recurrence of such incidents.;
;
(b): This was an incident of Cyber-attack, which was dealt by Air India Limited (AIL) itself.;
;
(c): After the merger of Air India and Indian Airlines, it was decided to host the PSS of Air India on a third party to be selected on a turnkey basis through a global tender. M/s SITA was selected through a global tender process in 2011. The Air India PSS data is kept at data centre of SITA.
;
(d): With the disinvestment of Air India Limited (AIL), there is no longer any equity stake of Government of India in AIL. No action thus lies on the part of the Government.