Sita hack affects passenger data from Star Alliance

[German]Unpleasant story – the servers of the service provider for airlines, SITA (cooperates with IATA), were hacked. Customer data of air travelers of Star Allicance (among others United) got into the hands of hackers. Singapore Airlines and other airlines  have informed customers.


SITA confirms hack of PSS

SITA is an (IT) services for air lines, cooperating with IATA (International Air Transport Association). SITA advertises itself as the world's leading specialist in communications and information technology for air transport. A few hours ago, SITA announced that it had been the victim of a cyber attack. Here is the press release:

SITA confirms that it was the victim of a cyber-attack, leading to a data security incident involving certain passenger data that was stored on SITA Passenger Service System (US) Inc. servers. Passenger Service System (US) Inc. ("SITA PSS") operates passenger processing systems for airlines.

After confirmation of the seriousness of the data security incident on February 24, 2021, SITA took immediate action to contact affected SITA PSS customers and all related organizations.

We recognize that the COVID-19 pandemic has raised concerns about security threats, and, at the same time, cyber-criminals have become more sophisticated and active. This was a highly sophisticated attack.

SITA acted swiftly and initiated targeted containment measures. The matter remains under continued investigation by SITA's Security Incident Response Team with the support of leading external experts in cyber-security.

If you are the customer of an airline and have a Data Subject Access Request in relation to the handling of your personal data, this request must be made directly to that airline in accordance with GDPR and data protection legislation. SITA is unable to respond directly to any such request.

In brief: The SITA Passenger Service System was hacked, i.e. the servers on which airline passenger data was stored. Must have been noticed on February 24, 2021. SITA does not give details – but I found out relevant information about airlines. Hundreds of thousands of members in the frequent flyer program are likely to be affected.

Airlines informs frequent travellers

A few hours ago, Singapore Airlines informed selected members of the KrisFlyer program whose membership data was affected in the above SITA PSS hack about the incident. On German site someone posted the notification in the KrisFlyer program.


SITA, an information technology company providing passenger service systems, has informed Singapore Airlines of a data security breach involving their passenger service systems' (SITA PSS) servers. While Singapore Airlines is not a customer of the SITA PSS, another Star Alliance member airline is.

All Star Alliance member airlines provide a restricted set of frequent flyer programme data to the alliance, which is then sent on to other member airlines to reside in their passenger service systems. This data transfer is necessary to enable the verification of membership tier status, and to accord to member airlines' customers the relevant benefits while travelling.

As a result, SITA has access to the restricted set of frequent flyer programme data for all 26 Star Alliance member airlines including Singapore Airlines.

We are contacting you as your KrisFlyer data was impacted by this breach of the SITA PSS server. The information involved is limited to your KrisFlyer membership name, membership number and tier status, which is the full extent of the frequent flyer data set that Singapore Airlines shares with other Star Alliance member airlines for this data transfer.

Specifically, this data breach does not involve your membership password, credit card information, and other customer data such as itineraries, reservations, ticketing, passport numbers, and email addresses as SIA does not share this information with other Star Alliance member airlines for this data transfer. Your KrisFlyer miles balance was also not compromised.

We would also like to reassure you that none of Singapore Airlines' IT systems have been affected by this incident. The protection of our customers' personal data is of utmost importance to Singapore Airlines. We apologise for the inconvenience caused. We will work with our partners to review the current procedures, and take all necessary steps to improve data security.

The summary: All 26 members of Star Allicance are affected, including Lufthansa, Swiss, Austrian Air, Finn Air, etc. During the hack, the following data from the frequent flyer membership program was captured:

  • Member name
  • Membership number
  • Tier status

This data is probably exchanged via the Passenger Service System (PSS) between the Star Allicance airlines in order to be able to grant miles in the frequent flyer program and other benefits. Payment data (credit card data, etc.), e-mail addresses and passwords are probably not affected. From Lufthansa Miles & More program I have seen a mail, where they say, the hack has been between Jan. 21, and Feb. 11, 2021. According to this, the hack took place even earlier than in the SITA press release. Currently, I cannot yet see how critical the above hack is. The European airlines must then probably make a notification to the relevant data protection supervisory authority. SITA itself does not answer inquiries from data subjects, as this is the responsibility of the airlines.


Cookies helps to fund this blog: Cookie settings

This entry was posted in Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *