Security News
A two-year-old espionage campaign against the airline industry is ongoing, with AsyncRAT and other commodity remote-access trojans helping those efforts take flight. The campaign can effectively be a bird strike to the business engine, so to speak, resulting in data theft, financial fraud or follow-on attacks, researchers said, who have uncovered new details about the perpetrators.
British Airways has settled the not-quite-a-class-action* lawsuit against it, potentially paying millions of pounds to make the data breach case in the High Court of England and Wales go away. "The resolution includes provision for compensation for qualifying claimants who were part of the litigation. The resolution does not include any admission of liability by British Airways Plc," said PGMBM. The lawsuit was based on the 2018 BA data breach, where the credit card details of 380,000 people were stolen thanks to a Magecart infection on its payment processing pages.
British Airways has settled the not-quite-a-class-action* lawsuit against it, potentially paying millions of pounds to make the data breach case in the High Court of England and Wales go away. "The resolution includes provision for compensation for qualifying claimants who were part of the litigation. The resolution does not include any admission of liability by British Airways Plc," said PGMBM. The lawsuit was based on the 2018 BA data breach, where the credit card details of 380,000 people were stolen thanks to a Magecart infection on its payment processing pages.
A monster cyberattack on SITA, a global IT provider for 90 percent of the world's airline industry, is slowly unfurling to reveal the largest supply-chain attack on the airline industry in history. The enormous data breach, estimated to have already impacted 4.5 million passengers, has potentially been traced back to the Chinese state-sponsored threat actor APT41, and analysts are warning airlines to hunt down any traces of the campaign concealed within their networks.
A technology provider says a malware attack triggered a dayslong outage that has caused reservations systems to crash at about 20 low-cost airlines around the world. A spokeswoman for Radixx's parent, Southlake, Texas-based Sabre Corp., said Friday that the company was beginning to restore service to airline customers.
Yahil declined to say how many users have been affected for confidentiality reasons, but Singapore Airlines reported more than 580,000 impacted customers alone, meaning the compromise could ultimately impact millions of users. "Many airlines have issued public statements confirming what types of data have been affected in relation to their passengers."
Passenger data from multiple airlines around the world has been compromised after hackers breached servers belonging to SITA, a global information technology company. A SITA representative told BleepingComputer that the intrusion impacts data of passengers from the airlines listed below.
SITA didn't elaborate on the nature or extent of the attack, other than to describe it as "Highly sophisticated but limited." According to its own disclosure, the attackers obtained passenger records from servers hosted in an Atlanta, Georgia data centre operated by an American subsidiary. "The data in question relates exclusively to service card numbers, status level and in some cases names. Unfortunately, your customer data is also affected. You can rest assured that no passwords, email addresses or other personal customer data were stolen in the incident."
SITA, a multinational company that specializes in air transport communications and IT, this week confirmed falling victim to a cyberattack that appears to have impacted multiple airlines around the world. SITA said on Thursday that the attack, which it described as "Highly sophisticated," affected certain passenger data stored on servers of SITA Passenger Service System Inc., which operates passenger processing systems for airlines.
Malaysia Airlines has suffered a data breach spanning nine yearsof data that exposed the personal information of members in its Enrich frequent flyer program. Starting yesterday, Malaysia Airlines began emailing members of their Enrich rewards program to disclose that they were affected by a data breach.