If you have frequent flyer accounts with different airlines, you have likely received one or more emails about a data breach in the past few days. What exactly is going on
On February 24, 2021, SITA suffered a “sophisticated” attack on its IT systems that resulted in the information of millions of passengers being compromised. In particular, certain data was accessed that was stored on SITA Passenger Service Systems servers. According to the company, it has contacted all affected SITA PSS customers and all associated organizations.
For those of you unfamiliar with the company, SITA essentially provides IT services to the aviation industry around the world, including airlines, airports, and ground handlers. SITA is involved in everything from operational business practices to baggage management to passenger management.
SITA has stored passenger data on its servers and some of this data may have been accessed. The good news is that, for the most part, no passwords or payment methods have been compromised, but rather that seems to focus primarily on names, frequent flyer numbers and elite status.
You may have been notified of a data breach even if you have a frequent flyer account with an airline that is not a direct customer of SITA. This may be the case if you either booked an itinerary that includes travel on multiple airlines, if you used your frequent flyer account to travel on another airline, etc. For example, here is part of the email I sent from American yesterday Airlines received:
American is not a SITA PSS customer. However, the incident had an impact on certain AAdvantage loyalty data as some of our airline partners store loyalty data in SITA PSS. We share a limited set of frequent flyer loyalty data with our airline partners to ensure that the loyalty status of our AAdvantage members is recognized while traveling.
A data breach at aviation IT company SITA could mean the frequent flyer details of millions of travelers have been compromised. The good news is that apparently these are mostly very basic details that may have been compromised, and for the most part not payment methods, passwords, etc.
However, once you have been notified of the breach, it may be useful to change your account password.
Have you been affected by this SITA data breach?