If you have frequent flyer accounts with a variety of airlines, chances are that you received one or more emails in the past couple of days about a data breach. What’s going on, exactly?
On February 24, 2021, SITA suffered a “highly sophisticated” attack on its IT systems, which has caused the information of millions of passengers to be compromised. Specifically, certain data stored on SITA Passenger Service Systems servers was accessed. The company says it has contacted all affected SITA PSS customers, and all related organizations.
For those of you not familiar with the company, SITA essentially provides IT services to the aviation industry around the world, including to airlines, airports, and ground handlers. SITA is involved in everything from operational business practices, to baggage management, to passenger management.
SITA has passenger details stored on its servers, and some of that data may have been accessed. The good news is that for the most part no passwords or payment methods were compromised, but rather this seems to center mostly around names, frequent flyer numbers, and elite status.
You may have been notified of a data breach even if you have a frequent flyer account with an airline that isn’t a direct customer of SITA. That can be the case if you’ve booked an itinerary that involves travel on multiple airlines, if you used your frequent flyer account when traveling with another airline, etc. For example, here’s part of the email I got yesterday from American Airlines:
> American is not a customer of SITA PSS. However, the incident did impact certain AAdvantage loyalty data as some of our airline partners store loyalty data in SITA PSS. We exchange a limited set of frequent flyer loyalty data with our airline partners to ensure recognition of our AAdvantage members’ loyalty status when traveling.
Bottom line
A data breach at aviation IT company SITA potentially means the frequent flyer details of millions of travelers were compromised. The good news is that it seems to mostly be very basic details that may have been compromised, and largely not payment methods, passwords, etc.
Nonetheless, if you’ve gotten a notice about the breach, it could make sense to change your account password.
Were you impacted by this SITA data breach?
Agree with G Man's concern: what protection is in place to prevent someone from using your miles if they have your program ID number and full name, if they call to make the booking over the phone?
@Bigredwombat
To access your AA account you need AAdvantage number, last name and password. Two of the three have been hacked. If your password is the same as used on other websites that have been hacked too, it’s an easy entry...
It takes less than a minute to change a password, why not change it?
If passwords were not hacked, why would I want to change my existing password?
Forget the story...how 'bout that photo! BEA livery...Thomas Cook livery...Heathrow? Gatwick? Next I'll expect to see a Trident and a VC-10.
Yes I have received an email from BA. Haven't been able to change my password yet, I will give it another go tomorrow.
I have emails coming from UA, SQ and CX, and none of them seems to be a direct client of SITA. This makes me wonder what are the airlines that actually use it...
I got the email from BA. Not had one from AA even though I have had previous flights with them but not for approx 18 months and probably more importantly they were BA bookings.
It's good password practice to (a) change them regularly and (b) not use the same one across multiple sites.
I'm guilty of not doing (a) and guilty of doing (b).
Though last week I did start to end the duplication, though it can take time depending on the password reset process.
@Chris Schaulandt - BA sorted the issue overnight - appears to be related to people using their BAEC number instead of their email and their system being reset to use email only but that's been rectified.
SITA was established by a group of 11 airlines of which only Air France and KLM still exist.
I got my email from BA yesterday. Changed my password and now it says 'account not known'. Guess the BA team need to do some corrections after whatever they did to affected accounts.
The hacked company describing the hack as highly sophisticated. What else would they say? Would SITA even have things like payment methods and passwords? If so, the statement that the hack was highly sophisticated seems questionable.
People will have to again suspect the CCP trying to steal data to investigate their citizens obtaining dual nationality in secret. Just like the CX hack which yielded to no money stolen. The CCP may have hacked CX to investigate those using HKG to fly everywhere without their knowledge. So they hack Oneworld which has no PRC mainland members, and Star Alliance for those accruing their CA/ZH activity on UAACNHSQ etc.
I received this from AA
> We have confirmed with SITA that your name, elite status, and AAdvantage number may have been affected by the incident.
If my AAdvantage number has been 'affected by the incident' then it would seem prudent to use account numbers. Does anyone know if it is possible to request a new number?
Miles and More & the HON Circle customer service sent emails to affected clients.
Honestly, I’m happy if my EXP status with AA becomes public information. Let all the other airlines and hospitality companies lobby me for my business. More status match offers and signup incentives, woe is me.
Ben....How often do you hear of mileage accounts hacked and miles stolen? Is this something you personally worry about, or that average fliers should worry about?
Well, SITA had already announced the discontinuation of its PSS product, so this will probably just accelerate the migration process for the handful of customers whose contracts have still not expired.