If you have regular flight bills with different airlines, chances are you have received one or more emails about a data breach in the past few days. What exactly is going on?
On February 24, 2021, SITA launched a ‘highly sophisticated’ attack on its IT systems, compromising the information of millions of passengers. Specifically, certain data stored on SITA Passenger Service Systems servers was accessed. The company says it has contacted all SITA PSS customers and all related organizations.
For those of you unfamiliar with the business, SITA essentially provides IT services to the aviation industry around the world, including airlines, airports and ground managers. SITA is involved in everything from operational business practices, to baggage management, to passenger management.
SITA has passenger details stored on its servers, and some of this data may be accessible. The good news is that there are usually no passwords or payment methods compromised, but it rather looks mostly at names, regular flyers and elite status.
You may have been notified of a data breach, even if you have a regular account at an airline that is not a direct customer of SITA. This may be the case if you have booked an itinerary that involves traveling with multiple airlines, if you have used your regular computer when traveling with another airline, and so on. For example, here’s an email that American Airlines received yesterday:
American is not a customer of SITA PSS. However, the incident affected certain AAdvantage loyalty data as some of our airline partners store loyalty data in SITA PSS. We exchange a limited number of frequency loyalty data with our airline partners in recognition of the loyalty status of our AAdvantage members during the trip.
Bottom line
A breach of data by aviation IT company SITA could mean that millions of travelers’ details about regular kites have been compromised. The good news is that it seems to be mostly very basic details that may have been compromised, and mostly not payment methods, passwords, etc.
However, if you have been notified of the breach, it may make sense to change your account password.
Have you been affected by this SITA data breach?