A cybersecurity attack that hit air transport communications and IT vendor SITA may have exposed data belonging to its Krisflyer and PPS program members.
As a result of the attack that originally hit SITA, its partner’s data belonging to 580,000 Singapore Airlines’ frequent flyer members may have leaked to cybercriminals.
This makes Singapore Airlines (SIA) the second airline carrier in the week to have suffered a data breach.
SITA released a statement confirming the security breach and saying it was the result of “a highly sophisticated attack.”
As a member of the Star Alliance group, Singapore Airlines had shared with SITA a “restricted” set of data, the airline said in a statement on Thursday.
This data is necessary to facilitate verification of membership tier status and provide customers of other airlines travel benefits.
Such data needs to reside on the passenger service systems of member airlines, SIA said. When the passenger service system servers had been compromised, the data got into the hands of the attackers.
The international Star Alliance has 26 members, among them Air Canada, United Airlines, and Lufthansa. The affected SIA customers were members of its KrisFlyer and a higher tier PPS frequent flyer program.
The data leakage was relatively small because the number of details Singapore Airlines shared with the Star Alliance group was limited. The compromised data included the membership number, tier status, and in some instances – a membership name.
“Specifically, this data breach does not involve KrisFlyer and PPS member passwords, credit card information, and other customer data such as itineraries, reservations, ticketing, passport numbers, and email addresses,” the Singapore carrier said. “We would also like to reassure all customers that none of SIA’s IT systems have been affected by this incident.”
Following the attack, SITA deployed malware containment measures, and its security incident response team started an investigation jointly with external cybersecurity experts.
The airlines didn’t reveal what other clients have been impacted by the attack. According to SITA, they have some 2,800 customers worldwide, among which airlines, airports, and government agencies.
But ZDNet managed to find airline companies that made public statements confirming they were affected by the data breach. Among them Finnair, Jeju Air, and Malaysia Airlines.
This indicated that SITA was involved in a breach that took place earlier this week and affected Malaysia Airlines in which dates of birth and contact information of its passengers may had been stolen.