Air New Zealand customers told of Star Alliance data breach
#1
Original Poster
Join Date: Sep 2010
Location: CHC
Programs: NZ*S, IHG D
Posts: 97
Air New Zealand customers told of Star Alliance data breach
https://www.nzherald.co.nz/business/...5HS74CPBOKVVU/
Apparently "only a small subset of Airpoints customers have been impacted" although this line stuck out to me the most
Why not?!
Deductions from my personal experience is that the 'culprit' is SQ
Apparently "only a small subset of Airpoints customers have been impacted" although this line stuck out to me the most
Air New Zealand is not telling its customers which partner airline was affected
Deductions from my personal experience is that the 'culprit' is SQ
#2
Join Date: Jan 2014
Location: SEA
Programs: NZ Elite (*G)
Posts: 657
https://www.nzherald.co.nz/business/...5HS74CPBOKVVU/
Apparently "only a small subset of Airpoints customers have been impacted" although this line stuck out to me the most
Why not?!
Deductions from my personal experience is that the 'culprit' is SQ
Apparently "only a small subset of Airpoints customers have been impacted" although this line stuck out to me the most
Why not?!
Deductions from my personal experience is that the 'culprit' is SQ
#3
Join Date: Apr 2013
Location: New Zealand (most of the time)
Programs: Air NZ Elite *G, Honors Gold, IHG Platinum Elite
Posts: 6,114
The NZ Herald seems pretty confused. If they'd done any basic research rather than just seemingly writing a story based on the Air NZ customer email they'd know this all relates to the SITA data breach.
No individual airline had a data breach - it was *G data that SITA had, hence it only affecting a small percentage of Airpoints customers who are Gold or Elite (and seemingly *G customer data for every *A airline).
https://www.sita.aero/pressroom/news-releases/sita-statement-about-security-incident/
No individual airline had a data breach - it was *G data that SITA had, hence it only affecting a small percentage of Airpoints customers who are Gold or Elite (and seemingly *G customer data for every *A airline).
https://www.sita.aero/pressroom/news-releases/sita-statement-about-security-incident/
Last edited by sbiddle; Mar 5, 2021 at 9:47 am
#5
Join Date: May 2014
Location: Brisbane, Australia
Posts: 909
#6
Join Date: Jan 2016
Posts: 2,645
See press release a few posts before
https://www.sita.aero/pressroom/news...rity-incident/
First sentence
SITA confirms that it was the victim of a cyber-attack, leading to a data security incident involving certain passenger data that was stored on SITA Passenger Service System (US) Inc. servers. Passenger Service System (US) Inc. (“SITA PSS”) operates passenger processing systems for airlines.
#8
Join Date: Sep 2014
Location: South Island, New Zealand
Programs: Krisflyer, Qantas Frequent Flyer, Air NZ Airpoints, Koru, NZ*S and former *G
Posts: 317
I never received anything from NZ but did receive a notification from SQ, and it appears not them as their message starts off:
"SITA, an information technology company providing passenger service systems, has informed Singapore Airlines of a data security breach involving their passenger service systems’ (SITA PSS) servers. While Singapore Airlines is not a customer of the SITA PSS, another Star Alliance member airline is...."
"SITA, an information technology company providing passenger service systems, has informed Singapore Airlines of a data security breach involving their passenger service systems’ (SITA PSS) servers. While Singapore Airlines is not a customer of the SITA PSS, another Star Alliance member airline is...."
#9
Join Date: Jan 2016
Posts: 2,645
AirNZ only provides Name, Number and tier to this SITA system. Your AirNZ password or hash is not given to them. So there is no need to change your AirNZ password.
Sure the authentication credentials which AirNZ (and other airlines) uses to auth to this system will need to be changed, but there is no action for individual parties to do.
#10
Join Date: Sep 2011
Location: New Zealand
Programs: NZ*S plus various hotel programs
Posts: 945
For those who didn't get the email, I've copied the one I got here (second time my Air NZ info has been leaked too, although last time it was a bit more info).
Kia ora Trumpkyn,
We have recently been alerted that a Star Alliance partner has been impacted by a security data breach, involving some of our customers’ data as well as that of many other Star Alliance airlines.
The Star Alliance member airlines share minimal frequent flyer data between each other and limited third parties to ensure benefits can be used across different carriers, for example access to member lounges.
Unfortunately, some of your information has been involved in this data breach however, this is limited to your name, tier status and membership number. This is the full extent of frequent flyer data Air New Zealand shares with other Star Alliance member airlines.
This data breach does not include any member passwords, credit card information or other personal customer data such as itineraries, reservations, ticketing, passport numbers, email addresses or other contact information.
What do you need to do?
You do not need to do anything. There is no need to change your password or take any other action. Air New Zealand takes data security and privacy seriously and we want to assure you we are working with Star Alliance to ensure stronger systems are in place to prevent any similar issues occurring in the future.
We do apologise for any inconvenience this has caused and if you have any further questions, please don’t hesitate to email us at [email protected]?subject=Se...0New%20Zealand
Ngā mihi nui,
Leanne Geraghty
Chief Customer and Sales Officer
We have recently been alerted that a Star Alliance partner has been impacted by a security data breach, involving some of our customers’ data as well as that of many other Star Alliance airlines.
The Star Alliance member airlines share minimal frequent flyer data between each other and limited third parties to ensure benefits can be used across different carriers, for example access to member lounges.
Unfortunately, some of your information has been involved in this data breach however, this is limited to your name, tier status and membership number. This is the full extent of frequent flyer data Air New Zealand shares with other Star Alliance member airlines.
This data breach does not include any member passwords, credit card information or other personal customer data such as itineraries, reservations, ticketing, passport numbers, email addresses or other contact information.
What do you need to do?
You do not need to do anything. There is no need to change your password or take any other action. Air New Zealand takes data security and privacy seriously and we want to assure you we are working with Star Alliance to ensure stronger systems are in place to prevent any similar issues occurring in the future.
We do apologise for any inconvenience this has caused and if you have any further questions, please don’t hesitate to email us at [email protected]?subject=Se...0New%20Zealand
Ngā mihi nui,
Leanne Geraghty
Chief Customer and Sales Officer
#11
Join Date: May 2014
Location: Brisbane, Australia
Posts: 909
SITA has said it was them.
See press release a few posts before
https://www.sita.aero/pressroom/news...rity-incident/
First sentence
See press release a few posts before
https://www.sita.aero/pressroom/news...rity-incident/
First sentence
The breach also impacted oneworld airlines however I believe it was more than one in the alliance that was using the SITA platform.
#12
Join Date: Apr 2016
Posts: 778
The NZ Herald seems pretty confused. If they'd done any basic research rather than just seemingly writing a story based on the Air NZ customer email they'd know this all relates to the SITA data breach.
No individual airline had a data breach - it was *G data that SITA had, hence it only affecting a small percentage of Airpoints customers who are Gold or Elite (and seemingly *G customer data for every *A airline).
https://www.sita.aero/pressroom/news...rity-incident/
No individual airline had a data breach - it was *G data that SITA had, hence it only affecting a small percentage of Airpoints customers who are Gold or Elite (and seemingly *G customer data for every *A airline).
https://www.sita.aero/pressroom/news...rity-incident/
#14
Join Date: Jan 2016
Posts: 2,645
Or koru for LAX entry?