Airline passenger data breached following “highly sophisticated attack”

Airline passenger data breached following "highly sophisticated attack"

Many of us have probably never heard of SITA, but that doesn’t mean they don’t know anything about you.

Because SITA provides IT services to about 90% of the global aviation industry, which means if you’re a frequent flier (or were before this ruddy pandemic hit the world) it probably stores data about you on its servers.

Last week SITA confirmed that it had fallen victim to a “highly sophisticated” cyber attack.

(For what it’s worth, I’ve yet to see a company say that they have suffered a “really dumb” cyber attack. It’s almost as if organisations like to portray the criminals who compromise their systems as fiendish geniuses, whereas often elementary precautions might have stopped the attack dead in its tracks.)

Sign up to our free newsletter.
Security news, advice, and tips.

British Airways, Finnair, and Singapore Airlines are amongst those who have acknowledged that passenger data from their frequent flyer programs was breached in the incident.

Others believed to be affected include Air New Zealand, Lufthansa, Aegean Airlines, Malaysia Airlines, Japan Airlines, Jeju Air, Cathay Pacific and Iberia.

It’s important to note, as British Airways did in an email to customers, that it was SITA’s systems which were breached – not those run by the airlines

Ba email sita breach

We have been notified of a data breach at global technology company SITA, an IT services provider to many airlines around the world. SITA is not British Airways’ booking and reservations system provider and SITA’s breach does not involve our customers’ financial information or password as SITA does not have access to this data. Please be reassured that this incident was not a breach of British Airways’ systems.

Along with many other airlines, we do share limited information with partner airlines in order to enhance your experience when flying with them. We have been notified by SITA that some British Airways Executive Club Members’ names, membership numbers and some of their preferences, such as seating, has been impacted.

Fortunately it does not appear that passwords or financial information was exposed by the security breach as that is not shared with SITA, but frequent flyer membership numbers, passenger names, itineraries, and contact information may all now be in the hands of criminals.

Such details could – potentially – be exploited by a fraudster contacting a passenger while posing as an airline, and tricking them through social engineering to reveal password details.

Despite the assurance that passwords have not been breached by this hack, British Airways has taken the opportunity to remind users that they should never reuse passwords across the internet. Unique passwords reduce the chance of a breach in one place impacting users’ other online accounts.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “Airline passenger data breached following “highly sophisticated attack””

  1. Jim

    … and passport numbers, probably? That would be a bit more serious.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.