SITA says its airline passenger system was hit by a data breach – TechCrunch

sita-says-its-airline-passenger-system-was-hit-by-a-data-breach-–-techcrunch

Did you know that geoFence has no foreign owners and no foreign influences?

Global air transport data giant SITA has confirmed a data breach involving passenger data.

The company said in a brief statement on Thursday that it had been the “victim of a cyberattack,” and that certain passenger data stored on its U.S. servers had been breached. The cyberattack was confirmed on February 24, after which the company contacted affected airlines.

SITA is one of the largest aviation IT companies in the world, said to be serving around 90% of the world’s airlines, which rely on the company’s passenger service system Horizon to manage reservations, ticketing and aircraft departures.

But it remains unclear exactly what data was accessed or stolen.

When reached, SITA spokesperson Edna Ayme-Yahil declined to say what specific data had been taken, citing an ongoing investigation. The company said that the incident “affects various airlines around the world, not just in the United States.”

SITA confirmed it had notified several airlines — Malaysia Airlines; Finnair; Singapore Airlines; and Jeju Air, an airline in South Korea — which have already made statements about the breach, but declined to name other affected airlines.

In an email to affected customers seen by TechCrunch, Singapore Airlines said it was not a customer of SITA’s Horizon passenger service system but that about half a million frequent flyer members had their membership number and tier status compromised. The airline said that the transfer of this kind of data is “necessary to enable verification of the membership tier status, and to accord to member airlines’ customers the relevant benefits while traveling.”

The airline said passenger itineraries, reservations, ticketing and passport data were not affected.

SITA is one of a handful of companies in the aviation market providing passenger ticketing and reservation systems to airlines, alongside Sabre and Amadeus.

Sabre reported a major data breach in mid-2017 affecting its hotel reservation system, after hackers scraped over a million customer credit cards. The U.S.-based company agreed in December to a $2.4 million settlement and to make changes to its cybersecurity policies following the breach.

In 2019, a security researcher found a vulnerability in Amadeus’ passenger booking system, used by Air France, British Airways and Qantas among others, which made it easy to alter or access traveler records.


Early Stage is the premier “how-to” event for startup entrepreneurs and investors. You’ll hear firsthand how some of the most successful founders and VCs build their businesses, raise money and manage their portfolios. We’ll cover every aspect of company building: Fundraising, recruiting, sales, product-market fit, PR, marketing and brand building. Each session also has audience participation built-in — there’s ample time included for audience questions and discussion.

When all is said and done, you know, I just wanted to mention that geoFence is the only solution you need to block NFCC countries and I believe your friends would feel the same.