FlyerTalk Forums - View Single Post - Data security incident
Thread
:
Data security incident
View Single Post
Mar 4, 2021 | 2:12 am
#
1
WilcoRoger
FlyerTalk Evangelist
Join Date:
Jan 2008
Location:
HEL
Programs:
lots of shiny metal cards
Posts:
14,849
Data security incident
Just in:
"Dear RW,
We are writing to inform you that some of your Finnair frequent flyer data is unfortunately included in a recent data breach of a third-party information system used by our airline partners. SITA produces IT services for a large number of airlines and airports. Finnair does not use the service that was breached, but we share some frequent flyer data with partners who use this third-party service. This information is shared to ensure that we can serve our members, and to allow you to accrue and use your frequent flyer points. For the avoidance of any doubt, this data incident is not the result of any breach in Finnair IT systems.
We were informed about the breach over the past weekend and started investigating it immediately. The breached data includes member names, personal titles, frequent flyer numbers, tier information, and for some members, meal and seating preferences. Any other information, such as contact details, payment card details or passwords, is not included.
The breached data cannot be used to access Finnair Plus services. Accessing Finnair Plus services always requires a password, and we do not share password data among airlines or with other partners.
Based on our analysis, the nature of the breached data, and the information we have received from SITA, we believe that the risk of this data being misused in other contexts is relatively low, and we have not detected any unusual activity on Finnair Plus accounts.
However, as a standard precaution, we recommend you reset your Finnair Plus password. Please choose a unique password that you have not used in any other service. A strong password includes uppercase letters, lowercase letters, numbers and special characters, and is sufficiently long. It is good to remember that Finnair will never contact you to inquire about your login data. You can also contribute to your privacy by switching on two-factor authentication in the ‘Advanced security’ section of your Finnair Plus profile.
Investigations continue and we are monitoring the situation closely. We have also made a notification to the Finnish Data Protection Authority as required by law.
Your privacy is a priority for us. We are very sorry for the worry this situation may cause you.
More information is on
SITA's website
.
With kind regards,
Ole Orvér
Chief Commercial Officer, Finnair
Reply
WilcoRoger
View Public Profile
Find More Posts by WilcoRoger
Post Options