A security breach at the airline IT company SITA has compromised the passenger data of numerous Star Alliance and other airlines.
SITA, among the largest IT companies providing passenger processing systems to the air transport industry, from ticketing to baggage control, confirmed its servers were breached in a cyber-attack, “leading to a data security incident involving certain passenger data that was stored on SITA Passenger Service System (US) Inc. servers.” According to Edna Ayme-Yahil, the company spokeswoman, SITA took “immediate action to contact affected SITA PSS customers and all related organizations.”
SITA called the cyber-attack, “highly sophisticated,” exposing the personal data of hundreds of thousands of passengers, many of them Star Alliance members, such as United Airlines, Singapore Airlines, Air India, Turkish Airlines, Air Canada, Aegean Airines and more. Even though some of these airlines are not direct customers of SITA, they were affected by the security breach because of the frequent flyer data that all alliance members share.
“SITA acted swiftly and initiated targeted containment measures,” said Ayme-Yahil in the statement. “The matter remains under continued investigation by SITA’s Security Incident Response Team with the support of leading external experts in cyber-security.”