Delhi Police, who are investigating the case, said that the intruders created 20 email IDs and diverted the reward points earned by Air India's passengers, with possible help from present or former airline employees, who might have been well aware of the security loopholes in the company's system.
Air India has 195,000 accounts in its frequent-flyer program "Flying Returns," and the full extent of the hack is still to be estimated. Police is now tracking about 170 tickets that were booked using the stolen miles in order to find the offenders.
The airline has blocked the suspicious IDs and deactivated the affected accounts that have identical user names and passwords. The company has been taking all the measures to ensure that its clients don't experience any inconvenience or financial loss after the hack attack, the company manager told the Times of India.