Millions of frequent flight accounts have been shattered in a recent attack.
getty
A third-party IT vendor that manages ticket processing and frequent travel data for hundreds of major global airlines – including Star Alliance and OneWorld members – says a cyber attack is “true “smart” has recorded the personal data of millions of passengers. loyalty programs.
Atlanta-based SITA confirmed Thursday that cyber hackers had stored a “data security event that contained specific data of passengers” on its servers, according to a statement. It appears that hackers were able to gain access to some computer systems for up to a month before SITA became aware of the incident in late February.
Through the pandemic, while Americans have spent more time at home and less time traveling, cyberthieves have targeted more miles and loyalty program points, according to a report “ State of the Internet ”recently from Akamai Technologies, the global cybersecurity platform.
After the launch of Covid-19 locks in early 2020, Akamai noticed an uptick in loyalty program accounts being sold on the dark web. Between July 2018 and June 2020, Akamai witnessed more than 100 billion credible infringement attacks, of which more than 63 billion targeted the sales, travel, and hospitality sectors.
SITA, which serves more than 400 airlines making up about 90% of the global aviation industry, said Lufthansa, Singapore Airlines and New Zealand Air were the biggest airlines affected. The three airlines had a combined two million passenger records.
Singapore Airlines said in a statement that while it was not a customer of SITA, data from more than 580,000 flycatchers were disclosed due to its membership in Star Alliance.
“SITA has access to the limited set of frequent flight program data for all 26 Star Alliance airlines including Singapore Airlines,” a Singapore Airlines statement said, adding that a division was needed. data to determine membership level status, “and to be in line with member airlines. customers the relevant benefits while traveling. “
At present, at least 10 airlines have sent emails to airline members frequently informing them that some personal data has been compromised.
Air New Zealand customers received an email on Friday stating that “some of our customer data as well as data from many other Star Alliance airlines was affected, but was limited to“ your name, tier status and membership number, ”according to the email. “This data breach does not include any member passwords, credit card information or other personal messenger data such as passports, bookings, tickets, passport numbers, email addresses or other contact information. , ”
Similarly, in frequent emails to flights, United Airlines suggested that customers should change their account passwords “out of sufficient warning” but that names, regular-flight numbers and status program the only messenger data that can be accessed.
One reason loyalty programs make targets easy is that they have a comprehension problem, according to the Akamai report. Many customers don’t think of loyalty accounts and rewards as high risk, so they are more likely to use weak passwords.
SITES MORE