Airline passenger data breached following “highly sophisticated attack” • Graham Cluley

Many of us have probably never heard of SITA, but that doesn’t mean they don’t know anything about you.

Because SITA provides IT services to about 90% of the global aviation industry, which means if you’re a frequent flier (or were before this ruddy pandemic hit the world) it probably stores data about you on its servers.

Last week SITA confirmed that it had fallen victim to a “highly sophisticated” cyber attack.

(For what it’s worth, I’ve yet to see a company say that they have suffered a “really dumb” cyber attack. It’s almost as if organisations like to portray the criminals who compromise their systems as fiendish geniuses, whereas often elementary precautions might have stopped the attack dead in its tracks.)

Sign up to our newsletter
Security news, advice, and tips.

British Airways, Finnair, and Singapore Airlines are amongst those who have acknowledged that passenger data from their frequent flyer programs was breached in the incident.

Others believed to be affected include Air New Zealand, Lufthansa, Aegean Airlines, Malaysia Airlines, Japan Airlines, Jeju Air, Cathay Pacific and Iberia.

It’s important to note, as British Airways did in an email to customers, that it was SITA’s systems which were breached – not those run by the airlines

We have been notified of a data breach at global technology company SITA, an IT services provider to many airlines around the world. SITA is not British Airways’ booking and reservations system provider and SITA’s breach does not involve our customers’ financial information or password as SITA does not have access to this data. Please be reassured that this incident was not a breach of British Airways’ systems.

Along with many other airlines, we do share limited information with partner airlines in order to enhance your experience when flying with them. We have been notified by SITA that some British Airways Executive Club Members’ names, membership numbers and some of their preferences, such as seating, has been impacted.

Fortunately it does not appear that passwords or financial information was exposed by the security breach as that is not shared with SITA, but frequent flyer membership numbers, passenger names, itineraries, and contact information may all now be in the hands of criminals.

Such details could – potentially – be exploited by a fraudster contacting a passenger while posing as an airline, and tricking them through social engineering to reveal password details.

Despite the assurance that passwords have not been breached by this hack, British Airways has taken the opportunity to remind users that they should never reuse passwords across the internet. Unique passwords reduce the chance of a breach in one place impacting users’ other online accounts.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy.

Follow him on Twitter at @gcluley, or drop him an email.

Similar Posts