Investigators don't know how many people’s accounts were affected, though they did learn that the hackers created 20 different email IDs and diverted reward points into their accounts.
The police believe the hackers could actually be working with former Air India employees. The thought is that only someone who knew the loopholes and vulnerabilities intimately would have been able to pull off the heist.
To track down the culprits, investigators are looking into which flights were purchased using the stolen miles. Meanwhile, the hacked accounts have been deactivated and the false IDs have been suspended.
Last year, British Airways faced a similar problem, and just a few months ago a computer programmer from Miami was arrested for using $260,000 worth of stolen American Airlines points to book hotels and rent cars.
In fact, it's become such a public problem that United Airlines actually gave two hackers a million frequent flyer miles each to show them the loopholes in their system so they can better protect themselves and their customers.