Star Alliance Data Breach

Old Mar 5, 21, 1:41 am
  #1  
Original Poster
 
Join Date: Jan 2003
Location: London, UK
Posts: 5,062
SITA Data Breach

Just had this through from Miles & More.
Between 21.1. and 11.2.2021, a data breach occurred at a service provider of one of our Star Alliance partners. The incident involved hackers penetrating a booking system and accessing customer data from Star Alliance partners.

The data in question relates exclusively to service card numbers, status level and in some cases names. Unfortunately, your customer data is also affected. You can rest assured, however, that no passwords, email addresses or other personal customer data were stolen in the incident.

Transparency is a top priority for us at Miles & More. That is why we are hereby informing you about the incident, although it took place outside the Lufthansa Group. There is no need for you to take any action in this matter.

Yours sincerely,

Your Miles & More Service Team

Last edited by Dave_C; Mar 5, 21 at 2:50 am
Dave_C is offline  
Old Mar 5, 21, 1:48 am
  #2  
 
Join Date: Oct 2018
Programs: LH FTL, FB Silver
Posts: 71
I am very doubtful of transparency claims when there is no sharing of the name of the service provider involved. Once again a disgrace when it comes to personal data.
Mr.Potato is offline  
Old Mar 5, 21, 1:51 am
  #3  
Original Poster
 
Join Date: Jan 2003
Location: London, UK
Posts: 5,062
Originally Posted by Mr.Potato View Post
I am very doubtful of transparency claims when there is no sharing of the name of the service provider involved. Once again a disgrace when it comes to personal data.
My guess is that it'll be one of the GDS providers, perhaps Amadeus?
Dave_C is offline  
Old Mar 5, 21, 2:00 am
  #4  
 
Join Date: Oct 2015
Location: next to HAM
Programs: LH FTL, EB*G(2)
Posts: 873
It's SITA
https://www.sita.aero/pressroom/news...rity-incident/
Dave_C and BinSabai like this.
PAX_fips is offline  
Old Mar 5, 21, 2:26 am
  #5  
 
Join Date: Apr 2016
Programs: LH SEN, HH Dia, Accor Plat
Posts: 81
Allais pathetic excuses

On SITA website... Pandemy, COVID19, highly sophisticated attack,... blablabla. Never acknowledging 'we saved money on security, the admin password was left to 000000, ...'. Not even an apology. It is never the fault of the company. There are so many of these breaches now that they all hope we start to be accustomed to these so that they have nothing to do... apart from an already prepared email in case of.
lefrid is offline  
Old Mar 5, 21, 2:28 am
  #6  
 
Join Date: Nov 2004
Location: Denmark
Programs: TK Elite
Posts: 7,018
Any harm/damage? If no, move on...just my cents.
SK AAR is offline  
Old Mar 5, 21, 3:10 am
  #7  
 
Join Date: Jul 2013
Location: BKK
Programs: TG ROP Platinum, M&M Senator, IHG Platinum, Accor Platinum
Posts: 5,901
Originally Posted by SK AAR View Post
Any harm/damage? If no, move on...just my cents.
they claim no damage and members do not need to do anything...
BinSabai is offline  
Old Mar 5, 21, 3:11 am
  #8  
 
Join Date: Feb 2002
Location: Montreux CH
Programs: FB Platinum, M&M FTL, BA Blue
Posts: 9,287
I got the same, having just logged into my email now, and my first reaction was that it was some phishing attempt or something similar. Probably nothing to worry about.
Concerto is offline  
Old Mar 5, 21, 3:13 am
  #9  
 
Join Date: Aug 2005
Location: ZRH
Programs: LX SEN, SQ QPPS2, Hilton Gold, Shangri-La Jade, SLH
Posts: 2,898
Received a similar email also from other *A members such as SQ. The content of the message was the same.
f4freeJunior is offline  
Old Mar 5, 21, 3:38 am
  #10  
Moderator: Lufthansa Miles & More, External Miles & Points Resources
 
Join Date: Dec 2002
Location: MUC
Programs: LH SEN
Posts: 40,769
AI uses SITA PSS which was breached. If you didn't fly AI there is no harm done, at most they have your M&M number and status.
oliver2002 is offline  
Old Mar 5, 21, 4:29 am
  #11  
 
Join Date: Aug 2008
Location: Geneva
Programs: LX HON, AFKL Platinum, BA Gold->Blue again
Posts: 2,827
So hackers now know the number of HON and SEN?
Grog, weero, whiskey_sk and 1 others like this.
MichielR is offline  
Old Mar 5, 21, 4:35 am
  #12  
Moderator: Lufthansa Miles & More, External Miles & Points Resources
 
Join Date: Dec 2002
Location: MUC
Programs: LH SEN
Posts: 40,769
The number of pax who travelled on AI and provided a M&M number starting with 3330 or 2220
oliver2002 is offline  
Old Mar 5, 21, 4:57 am
  #13  
 
Join Date: Aug 2009
Location: MUC
Programs: this and that
Posts: 1,333
Originally Posted by oliver2002 View Post
The number of pax who travelled on AI and provided a M&M number starting with 3330 or 2220
Travelling on AI during which timeframe? The period mentioned in the press release or anyone that has travelled on AI in the [recent] past?
cas_de is offline  
Old Mar 5, 21, 5:14 am
  #14  
 
Join Date: Nov 2004
Location: Denmark
Programs: TK Elite
Posts: 7,018
I seriously doubt many HON or SEN travel with AI (unless it is the only choice available). Let's move on.
SK AAR is offline  
Old Mar 5, 21, 5:20 am
  #15  
Original Poster
 
Join Date: Jan 2003
Location: London, UK
Posts: 5,062
Originally Posted by oliver2002 View Post
The number of pax who travelled on AI and provided a M&M number starting with 3330 or 2220
But it's not limited to that - they have taken my data, coupled with the ability to login to Lufthansa.com with just the FF# and PIN (which is only 5 digits), I think this *is* a risk.
HONline likes this.
Dave_C is offline  

Thread Tools
Search this Thread
Search Engine: