Hackers looted passenger data from some of the biggest airlines

SITA, a large data company that works with some of the world’s largest airlines, announced Thursday that she was the victim of a “highly sophisticated cyberattack”, whose information compromised hundreds of thousands of air passengers around the world.

The attack, which took place in February, targeted data stored on SITA’s Passenger Service System servers, which are responsible for storing information about transactions between carriers and customers. One of SITA’s actions is to act as a data exchange mechanism between different airlines. ensure that The “passenger benefits can be used by different carriers” in a systematic way.

Understanding the specific data that hackers accessed is, at this point, a bit difficult – although it would appear that some of it is frequent flyer information shared with SITA by members of Star Alliance, the largest alliance. global airline.

An airline alliance is essentially an industry consortium, and Star members are made up of some of the world’s largest airlines, including United Airlines, Lufthansa, Air Canada, and 23 others. Of these members, a number have already come forward to announce violations related to the attack – and SITA itself is reportedly appearing. having recognized that the parties involved are linked to alliance memberships

A member of the Alliance, Air New Zealand, recently written to clients that “some of our customer data as well as that of many other Star Alliance airlines” had been affected by the SITA attack. Likewise, Singapore Airlines recently told his clients that some of his data had been affected by the breach because “Star Alliance member airlines offer a limited set of frequent flyer programs [sic] data to the alliance, which is then sent to other member airlines to reside in their respective passenger service systems. “

It is not known if all Star Alliance members have been affected. A SITA representative told TechCrunch that the violation “affects various airlines around the world, not just the United States”, but declined to name them all. We have reached out to SITA for feedback and will update if they respond.

So far, it would appear that the nature of the breach is wider than deep. In other words, many people seem to have been affected, although in most cases the data that was shared with SITA does not appear to be that extensive. In the case of Singapore Airlines, for example, more than 500,000 of people have had their data compromised, although the data does not include things like member routes, passwords, or credit card information. The airline company said:

Approximately 580,000 KrisFlyer and PPS members were affected by the SITA PSS server breach. The information affected is limited to the membership number and tier status and in some cases the membership name as this is the full scope of frequent flyer data that Singapore Airlines shares with others. Star Alliance member airlines for this data transfer.

So … having a hacker know how often you steal doesn’t really seem so bad, does it? However, even though the SITA breach is not that extensive, this is yet another great example of the type of third-party issue. the parties pose for organizations within a supply chain – and what an attractive target they represent for hackers. Due to the complicated ways in which personal data is collected, stored and shared, it is incredibly easy for security officials to miss the weakest link in an industry chain. On the other hand, it can be incredibly easy for a hacker to spot one.