Air Transport Technology Giant SITA Suffered Data Breach Impacting Several Airlines

Global air transport tech giant SITA has recently disclosed a data breach. The incident didn’t only affect its own systems, rather also indirectly affected multiple airlines.

SITA Data Breach

Reportedly, the technology giant Société Internationale de Télécommunications Aéronautiques (SITA) has admitted a cyberattack impacting other airlines as well.

SITA is a global air transport technology giant empowering 2800 customers from the aviation sector globally.

As revealed via their press release, SITA has suffered a data breach on February 24, 2021. Upon knowing of the incident, the firm reported all the airlines affected by this incident.

While they haven’t shared any precise details of the attack in their notice, they did confirm its sophistication.

We recognize that the COVID-19 pandemic has raised concerns about security threats, and, at the same time, cyber-criminals have become more sophisticated and active. This was a highly sophisticated attack.

Airlines Continue With Breach Disclosures

Although, SITA didn’t name any specific airlines affected by the incident. However, the respective airlines have started disclosing the incident themselves.

Some of the affected airlines include Singapore Airlines (press release), Lufthansa, Air New Zealand (email to customers), Cathay Pacific, SAS – Scandinavian Airlines, Malaysian Airlines, Finnair (informed via emails, as Troy Hunt shared), and Jeju Air. TechCrunch has also mentioned United Airlines and American Airlines as data breach victims.

Besides, it also affected the traveler loyalty program Miles and More.

In the case of these airlines, the breached data potentially includes details about the passengers. For instance, Singapore Airlines disclosed that the breach affected “580,000 KrisFlyer and PPS members” exposing their “membership number and tier status and, in some cases, membership name”.

Whereas, Finnair has supposedly asked its customers to reset passwords in the wake of the incident.

Given the extent of the attack and its impact, more airlines may likely make similar disclosure in the coming days.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil