SITA, a big data company that works with some of the largest airlines in the world, Announced Thursday It was the victim of a “highly sophisticated cyberattack”, which placed information on hundreds of thousands of airline passengers around the world at risk.
The attack, in February, targeted data stored on SITA’s Passenger Service System servers, which are responsible for storing information related to transactions between carriers and customers. One of the things that SITA does is act as a mechanism for exchanging data between different airlines – which helps with that Guarantee Passenger benefits across different carriers can be used in a systematic way.
Understanding the specific data that the hackers have accessed, at this point, is a bit tricky – although it appears some of it was frequent published information shared with SITA by members of the Star Alliance, the largest global airline alliance.
The airline alliance is essentially an industry consortium, and Star membership is comprised of some of the world’s most prominent airlines – including United Airlines, Lufthansa, Air Canada, and 23 other companies. Among these members, a number of them have already stepped forward to announce violations in connection with the attack – and SITA itself will emerge I acknowledge That the affected parties are linked to membership in the coalition.
One member of the alliance, Air New Zealand, recently Books for clients Some of our customer data, as well as data from several other Star Alliance airlines, were affected by the SITA attack. Likewise, Singapore Airlines recently He said to his clients That some of its data was affected by the breach because “Star Alliance member airlines offer a limited set of the frequent flyer program [sic] Data to the alliance, which is then sent to other member airlines for accommodations on their passenger service systems. ”
It’s unclear whether all of the Star Alliance members have been affected. A SITA representative Tell TechCrunch The breach “affects many airlines around the world, not only in the United States,” but he declined to name them all. We’ve reached out to SITA for comment and will update if they respond.
So far, the nature of the breach appears to be broader than deep. This means that a lot of people are affected, although the data shared with SITA does not appear to be that large in most cases. In the case of Singapore Airlines, for example, over 500,000 People had their data compromised, even though the data didn’t include things like member paths and passwords Or credit card information. Airlines It has been stated:
About 580,000 KrisFlyer and PPS members were affected by the hacking of SITA PSS servers. The information involved is limited to the membership number, tier status, and in some cases, the membership name, as this is the full range of frequent flyer data that Singapore Airlines shares with other Star Alliance member airlines for this data transfer.
So … having a hacker knowing how many times you fly doesn’t really seem that bad, does it? However, even if the SITA breach is not widespread, it is another great example of the third problem type The parties make up for the organizations within the supply chain – and what an attractive target they offer to hackers. Due to the complex ways in which personal data is collected, stored, and shared, it is very easy for security officials to miss the weakest link in the industry chain. On the other hand, it can be extremely easy for a hacker to spot one of them.
Профессиональный решатель проблем. Тонко обаятельный любитель бекона. Геймер. Заядлый ботаник. Музыкальный новатор