Aviation IT company SITA announced last Thursday, March 4, 2021, that it had suffered a data security incident. Following the incident, the company revealed that multiple airlines have been affected by the cyber attack, including Singapore Airlines and its KrisFlyer Frequent Flyer Progam users.
SITA is considered one of the world’s largest aviation IT companies in the world. It currently provides IT telecommunication and IT services to various aviation companies throughout different parts of the globe. According to Tech Crunch, SITA lends its services to 90% of the air transport industry.
Apart from Singapore Airlines, other airlines impacted by the data security incident include Air New Zealand, Cathay Pacific, Finnair, Japan Airlines, Korean airline Jeju Air, Lufthansa, and Malaysia Airlines.
SITA said that it had already notified affected companies about the breach. However, Tech Crunch states that company spokesperson Edna Ayme-Yahol did not provide details about the breach, saying the company is still currently conducting an investigation surrounding the issue.
However, based on the press released provided by the aviation IT firm, SITA said that certain passenger data may have been compromised as it had been stored in the SITA Passenger Service Inc. Servers. The said servers reportedly work on passenger processing systems for various airlines.
Singapore Airlines Involvement
Following the data leak, Singapore Airlines (SIA) issued a statement saying approximately 580,000 of its customers had been affected by the incident. The company issued a statement last Thursday, March 4, 2021, saying that 580,000 KrisFlyer and PPS Club reward members have had their details compromised.
In a statement by Singapore Airlines, it said, “While SIA is not a customer of the SITA PSS, this breach of the SITA PSS server has affected some KrisFlyer and PPS members.”
However, SIA is a member of the Star Alliance group, alongside other aviation companies previously mentioned. Star Alliance is a customer of SITA PSS, a global alliance network that provides SITA PSS access to its frequent flyer data, reveals the national carrier.
Among the information compromised by the breach include the membership numbers and tier status of SIA frequent flyer programs. Apart from this, the Singaporean airline also said that membership names have also been affected, reports Channel News Asia.
Despite this, Singapore Airlines maintains that customer credit card information, as well as member passwords, remain safe from the breach. Likewise, the company states that passport numbers, email addresses, ticket information, and itineraries are not included in the cybersecurity incident.
