Oh SITA: Airline IT provider confirms passenger data leaked after major 'cyber-attack'
SITA didn't elaborate on the nature or extent of the attack, other than to describe it as "Highly sophisticated but limited." According to its own disclosure, the attackers obtained passenger records from servers hosted in an Atlanta, Georgia data centre operated by an American subsidiary.
"The data in question relates exclusively to service card numbers, status level and in some cases names. Unfortunately, your customer data is also affected. You can rest assured that no passwords, email addresses or other personal customer data were stolen in the incident."
In a statement to The Reg, Lufthansa said: "We can confirm that between 21.1.2021 and 11.2.2021 there was a data incident at a service provider of a Star Alliance member. During the incident, hackers managed to enter the reservation system of an Asian airline, which is operated by the IT service provider."
"Customer data from Star Alliance partners was accessed. Accordingly, customer data from Miles & More is also affected by this incident. It concerns data of approx. 1.35 million Miles & More members, primarily frequent flyers of the programme. Only Miles & More information on the service card number, the status level and, in some cases, the name of the member is affected. Passwords or other customer data such as e-mail addresses were not stored in the service provider's IT system and are therefore not affected by the incident."
In 2018, Hong Kong airline Cathay Pacific fessed-up to a data breach that saw 9.4 million records accessed by unauthorised persons.
Bug bounty platform HackerOne security engineer Shlomie Liberow said: "It's not clear yet what the attack vector was in the SITA breach, but HackerOne vulnerability data shows that the aviation and aerospace industry sees more privilege escalation and SQL injection vulnerabilities than any other industry, accounting for 57 per cent of the vulnerabilities reported to these companies by ethical hackers."
News URL
https://go.theregister.com/feed/www.theregister.com/2021/03/05/oh_sita_airline_it_provider/