SITA Suffers from Data Breach Involving Passenger Data

36
SITA Suffers from Data Breach Involving Passenger Data-01 (1)

SITA’s data breach had a great impact on the aviation industry. Here’s how some of the airlines have taken initiatives to tackle them.

On Thursday, SITA, a global air transport data giant that provides its services to 90% of the aviation industry, released a statement that it had been a “victim of cyber-attack”. It said that the passengers’ data available on the US servers had been compromised.

The data breach occurred on SITA’s ‘Passenger Service System’, which is responsible for handling transactions from ticket reservations to boarding.

In its 4th March press release, SITA stated, “SITA confirms that it was the victim of a cyber-attack, leading to a data security incident involving certain passenger data that was stored on SITA Passenger Service System (US) Inc. servers. Passenger Service System (US) Inc. (“SITA PSS”) operates passenger processing systems for airlines.”

The company was hit by a cyberattack on February 24, after which it began to contact affected airlines. Singapore Airlines, even though not a customer of SITA’s Horizon passenger service system, reported that around five hundred thousand frequent flyers had their membership and tier status compromised.

Along with Singapore Airlines, United Star Alliance also warned its customers, who are amongst its frequent flyers club, that the data has been affected. However, personal information and passwords were not exposed that would enable hackers to access the MileagePlus account. Still, United insisted that its customers should change their passwords as a precaution.

British Airways was also not spared in the cyberattack that occurred on SITA. An email sent to affected customers by British Airways seen by EnterpriseTalk said, “SITA is not British Airways’ booking and reservations system provider and SITA’s breach does not involve our customers’ financial information or password as SITA does not have access to this data. Please be reassured that this incident was not a breach of British Airways’ systems.”

However, the UK flag carrier added that it has been notified by SITA that some of British Airways Executive Club Members’ names, membership numbers and preferences such as seating have been impacted.

The company has urged its customers, just like United Star Alliance, to change their passwords that they have not been used elsewhere.

“We recognize that the COVID-19 pandemic has raised concerns about security threats, and, at the same time, cyber-criminals have become more sophisticated and active,” SITA said on its official website. “This was a highly sophisticated attack.”

“SITA acted swiftly and initiated targeted containment measures. The matter remains under continued investigation by SITA’s Security Incident Response Team with the support of leading external experts in cyber-security.”

SITA is one of the few enterprises in the aviation industry that provides passengers with ticketing and reservation systems to airlines alongside Amadeus and Sabre.