Around 580,000 privilege fliers, KrisFlyer and PPS members, have been affected by a data breach, Singapore Airlines (SIA) has stated.
The data breach entails the passenger service system servers of SITA, an air transport info know-how firm, in keeping with Channel News Asia report.
“While SIA will not be a buyer of the SITA PSS, this breach of the SITA PSS server has affected some KrisFlyer and PPS members,” the nationwide provider stated on Thursday.
SIA added that this data breach particularly doesn’t contain KrisFlyer and PPS member passwords, bank card info and different buyer data corresponding to itineraries, reservations, ticketing, passport numbers and electronic mail addresses.
Such info will not be shared with different Star Alliance member airways for this data switch, the airline stated.
All Star Alliance member airways present a restricted set of frequent flyer programme data to the alliance, which is then despatched on to different member airways to reside of their respective passenger service methods.
SIA stated this data switch is important to allow verification of the membership tier standing, and to accord to member airways’ prospects the related advantages whereas travelling.
One of the Star Alliance member airways is a SITA PSS buyer. As a outcome, SITA has entry to the restricted set of frequent flyer programme data for all 26 Star Alliance member airways together with Singapore Airlines.
“The info concerned is restricted to the membership quantity and tier standing and, in some instances, membership title, as that is the complete extent of the frequent flyer data that Singapore Airlines shares with different Star Alliance member airways for this data switch,” stated SIA.
SIA stated none of its IT methods have been affected by the breach and that they’re reaching out to all KrisFlyer and PPS members to tell them concerning the incident. “The safety of our prospects’ private data is of utmost significance to Singapore Airlines, and we sincerely remorse the incident and apologise for the inconvenience triggered.” SITA confirmed in a separate assertion that it was the “sufferer of a cyber-attack” which led to the data safety incident.
After confirming the seriousness of the incident on February 24, SITA stated it took instant motion to contact the affected SITA passenger service system prospects and all associated organisations.
“We recognise that the Covid-19 pandemic has raised issues about safety threats, and, on the similar time, cyber-criminals have develop into extra refined and energetic. This was a extremely refined assault,” the Channel quoted the corporate as saying.
SITA added that the matter stays underneath continued investigation by its safety incident response group with the help of “main exterior specialists in cyber-security”.