Airlines warn passengers of data breach after aviation tech supplier is hit by cyberattack

Sita, which provides IT of services to 90% of the world's airlines, warns of "data security incident" after falling victim to a "highly sophisticated attack"

The lessons cybersecurity teams need to learn from hackers to beat them at their own game

Global aviation industry IT supplier SITA has confirmed it has fallen victim to a cyberattack, with hackers gaining access to personal information of airline passengers.

The information technology and communications company, which claims to serve around 90% of the world's airlines, said that a cyberattack on February 24, 2021 led to "data security incident" involving passenger data that was stored on SITA Passenger Service System Inc. servers located at Atlanta, Georgia in the United States.

A statement by SITA describes the incident as a "highly sophisticated attack" and said that the company "acted swiftly" to contain the incident, which still remains under investigation by SITA's Security Incident Response Team, alongside external cybersecurity experts.

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)

"We recognize that the COVID-19 pandemic has raised concerns about security threats, and, at the same time, cyber criminals have become more sophisticated and active," said the SITA statement.

Star Alliance airlines including Singapore Airlines, New Zealand Air and Lufthansa have warned passengers about the SITA data breach, while some One World airlines including Malaysia Airlines, Finnair, Japan Airlines and Cathay Pacific have also informed passengers about the cyberattack. South Korean airline JeJu Air has emailed passengers about the incident

While SITA hasn't confirmed the exact nature of the information that has been accessed by hackers, a spokesperson told ZDNet that "it does include some personal data of airline passengers".

Some airlines have detailed what information was accessed in the attack, stating that frequent flyer data – such as name, tier status and membership number – has been stolen. An email sent to customers of New Zealand Air said that the data breach doesn't contain information on passwords, credit card details, passport information or contact addresses.

An exact figure for the number of passengers affected by the breach remains unclear as SITA has yet to publicly comment on the matter, but a report by The Guardian claims that hundreds of thousands of passengers could have had their information stolen.

MORE ON CYBERSECURITY