An IT services provider company, known as SITA Passenger Services, has reportedly faced a hacker attack which is known for managing ticketing and frequent flyer of chief global airlines.

The hacker attack has allegedly exposed and compromised the personal details and information of an indefinite number of commuters. That includes star alliance and OneWorld members.

The threat actors had illegally accessed the IT infrastructure and systems of Atlanta’s SITA Passenger service system for about an entire month before that attack was brought to the attention of the organization and was investigated upon.

A spokesperson of the company remarked of being unaware of the total number of airlines affected due to the attack. 

SITA hacker attack:

SITA is known for offering IT and telecommunication services to more than 400 members and 2,800 customers worldwide, which it claims is about 90% of the world’s airline business.

SITA’s statements regarding the hacker attack state that among the affected ones, airlines like Singapore Airlines, New Zealand Air, and Lufthansa were also compromised on the attack.

SITA insists on the fact that the range to which their customers i.e the airlines was affected varies from airline to airline.

Major airlines compromised in the hacker attack:

It stated that Malaysia Airlines, Finnair, Malaysia Airlines as well as Japan Airlines, and Cathay Pacific had either published statements or contacted their frequent-flyer members regarding the hacker attack.

United Airlines, also one of the impacted customers, reported specifically that only customer data that may have been illegally accessed in the attack would be names, frequent-flyer numbers, and program status.

The impacted airline organization has suggested its frequent flyer members modify or update old accounts and passwords as a future protective measure.

Star Alliance has also reported the hacker attack impacting their system via a spokesperson confirming that it had affected a “restricted set of frequent flyer program data”

The organization stated that it had been advised to implement “containment measures”  and that the attack was under investigation in coordination with authorities and professional cybersecurity experts. “external specialist cybersecurity experts“.