Multiple Airlines Hit By Supply Chain Attack

A major aviation IT company has been breached in what appears to be a highly sophisticated, coordinated supply chain attack affecting multiple airlines and hundreds of thousands of passengers. SITA provides IT and telecoms services to around 400 members in the industry, claiming to serve around 90% of the global airline business. 

SITA has disclosed a data security breach involving its passenger service system servers. “We recognise that the COVID-19 pandemic has raised concerns about security threats, and, at the same time, cyber criminals have become more sophisticated and active,” SITA said in a statement.

The company revealed that attackers had compromised passenger data stored on its SITA Passenger Service System servers in the US, which operate passenger processing systems for airline clients. After confirmation of the seriousness of the data security incident on February 24 2021, SITA took immediate action to contact affected SITA PSS customers and all related organisations.

  • Singapore Airlines released a statement this week to the same effect. Although the airline said it is not a customer of SITA, the attackers managed to compromise its KrisFlyer and PPS members’ data via a fellow Star Alliance member. 
  • Other airlines affected include Finnair, which said 200,000 frequent flyers were affected. Unlike the devastating data breach at British Airways in 2018, debit and credit card information was not taken, but the airline has advised customers to change their card account passwords.
  • The hack is also thought to be part of an attack on ill-fated Malaysia Airlines, which found that its frequent flyer programme had been compromised between 2010 and 2019.

Ran Nahmias, co-founder of threat intelligence firm Cyberpion, says the attacks highlight the risks involved in modern IT supply chains. “When you consider the need to monitor the potential risks across a vast ecosystem that includes vector-associated DNS management, cloud providers, web properties, encryption, certificates and mobile infrastructures, the modern IT organization is not prepared to monitor, let alone manage, that risk... When there is a lack of clearly defined oversight and management processes, hackers are able to operate freely and inflict significantly more damage.”

If you are the customer of an airline and have a Data Subject Access Request in relation to the handling of your personal data, this request must be made directly to that airline in accordance with GDPR and data protection legislation. SITA itself is unable to respond directly to such requests.

Sources: Singapore Air; SITA; Infosecurity Magazine; YLE Finland
