In a statement issued March 4 SITA confirmed it was the victim of a cyber-attack, leading to a data security incident involving certain passenger data that was stored on SITA Passenger Service System (US) Inc. servers. SITA PSS operates passenger processing systems for airlines.
“After confirmation of the seriousness of the data security incident on February 24, 2021, SITA took immediate action to contact affected SITA PSS customers and all related organizations,” says the statement.
“We recognize that the COVID-19 pandemic has raised concerns about security threats, and, at the same time, cyber-criminals have become more sophisticated and active. This was a highly sophisticated attack.”
SITA says it acted swiftly and initiated targeted containment measures, and that the breach remains under continued investigation by SITA’s Security Incident Response Team.
Numerous reports indicate that impacted Star Alliance carriers include Singapore Airlines. Reports also indicate that the hacked information involved frequent flyer data.