SITA falls victim to cyber-attack

It may be a long time since you took a flight, but if you have a frequent flyer card it’s probably time to think about a change of password. Worse still, if you might have re-used the password for something else then it’s time for a full spring-clean of your online identities…:

[…] While SITA has not disclosed which airlines’ data were affected, some carriers have issued their own statements about the breach. Singapore Airlines said the breach affected around 580,000 members of its KrisFlyer and PPS programs. Although Singapore is not a SITA PSS customer, it—along with all other Star Alliance airlines—provide data from its frequent-flyer program to the alliance, which other member airlines using the system then store.

“The information involved is limited to the membership number and tier status and, in some cases, membership name, as this is the full extent of the frequent flyer data that Singapore Airlines shares with other Star Alliance member airlines for this data transfer,” according to Singapore Airlines’ statement. “Specifically, this data breach does not involve KrisFlyer and PPS member passwords, credit card information and other customer data, such as itineraries, reservations, ticketing, passport numbers and email addresses as SIA does not share this information with other Star Alliance member airlines for this data transfer.”

Both Malaysia Airlines and Finnair also have notified customers about the breach and encouraged them to change their loyalty program passwords as a precaution, though both also said they had no evidence that passwords were disclosed in the breach.

Original article