Airlines warn of data breaches after SITA passenger system hack

Global air transport data giant CTA has confirmed a data breach involving passenger data. The agency said in a brief statement on Thursday that it was “a victim of cyberattack” and that some passenger data stored on its US servers had breached. The cyberattack confirmed on February 24, after which the company contacted the affected airlines. CTA said IT companies, one of the world’s largest airlines, which serve about 90% of the world’s airlines, rely on the company’s passenger service system Horizon to handle reservations, tickets and air travel.

Arriving there, CITA representative Edna Ayme-Yahil declined to say what specific information taken, citing an ongoing investigation. The agency said the incident “affects various airlines, not just in the United States, but around the world.” The CITA has confirmed that it has informed several airlines – Malaysia Airlines; Finnair; Singapore Airlines; Jeju Air, a South Korean airline – has already issued a statement on the violation. Cathay Pacific, Air New Zealand, and Lufthansa have also affected.

In an email addressed to customers affected by TechCrunch, Singapore Airlines said it was not a subscriber to CITA’s Horizon passenger service system but had compromised the membership number and level status of nearly half a million frequent flyer members. The airline said that this type of data transfer “is necessary to verify the status of the membership level and to agree to the relevant benefits when traveling with member airline customers”. Passenger travel, reservations, ticket and passport data not affected, the airline said.

United became the latest airline to warn its travelers that data related to its Star Alliance frequent flyers’ club members was affected, but “no other personal information or passwords have been disclosed that would allow anyone to access your MileagePlus account.” United has, misleadingly, asked customers to change their passwords “out of caution”. American Airlines also affected, the company confirmed to customers via an email. The company said it did not use CTA’s Horizon system but its frequent flyer information went through the system to provide loyalty points to other airlines.

CTA is one of the handfuls of airlines in the airline market, offering passenger tickets and reservations at airlines as well as Saber and Amadeus. After hackers scrapped the credit cards of one million customers, Saber infringed on a large amount data by affecting its hotel reservation system in mid-2017. The U.S.-based company agreed in December to change its cybersecurity policies following a $2.4 million settlements and breach of contract.

In 2019, a security researcher found a vulnerability in Amadeus’ passenger booking system, which was used among others at Air France, British Airways, and Qantas, making it easier for travelers to change or access records.