Star Alliance Data Breach
#1
Original Poster
Join Date: Jan 2003
Location: London, UK
Posts: 5,655
SITA Data Breach
Just had this through from Miles & More.
Between 21.1. and 11.2.2021, a data breach occurred at a service provider of one of our Star Alliance partners. The incident involved hackers penetrating a booking system and accessing customer data from Star Alliance partners.
The data in question relates exclusively to service card numbers, status level and in some cases names. Unfortunately, your customer data is also affected. You can rest assured, however, that no passwords, email addresses or other personal customer data were stolen in the incident.
Transparency is a top priority for us at Miles & More. That is why we are hereby informing you about the incident, although it took place outside the Lufthansa Group. There is no need for you to take any action in this matter.
Yours sincerely,
Your Miles & More Service Team
The data in question relates exclusively to service card numbers, status level and in some cases names. Unfortunately, your customer data is also affected. You can rest assured, however, that no passwords, email addresses or other personal customer data were stolen in the incident.
Transparency is a top priority for us at Miles & More. That is why we are hereby informing you about the incident, although it took place outside the Lufthansa Group. There is no need for you to take any action in this matter.
Yours sincerely,
Your Miles & More Service Team
Last edited by Dave_C; Mar 5, 2021 at 2:50 am
#3
Original Poster
Join Date: Jan 2003
Location: London, UK
Posts: 5,655
#4
Join Date: Oct 2015
Location: next to HAM
Programs: LH M+M
Posts: 960
#5
Join Date: Apr 2016
Programs: LH SEN, HH Dia, Accor Plat
Posts: 127
Allais pathetic excuses
On SITA website... Pandemy, COVID19, highly sophisticated attack,... blablabla. Never acknowledging 'we saved money on security, the admin password was left to 000000, ...'. Not even an apology. It is never the fault of the company. There are so many of these breaches now that they all hope we start to be accustomed to these so that they have nothing to do... apart from an already prepared email in case of.
#8
FlyerTalk Evangelist
Join Date: Feb 2002
Location: Montreux CH
Programs: FB Platinum, M&M FTL, BA Blue
Posts: 11,621
I got the same, having just logged into my email now, and my first reaction was that it was some phishing attempt or something similar. Probably nothing to worry about.
#10
Moderator: Lufthansa Miles & More, India based airlines, India, External Miles & Points Resources
Join Date: Dec 2002
Location: MUC
Programs: LH SEN
Posts: 48,168
AI uses SITA PSS which was breached. If you didn't fly AI there is no harm done, at most they have your M&M number and status.
#13
Join Date: Aug 2009
Location: between DM464 and DM463 on the NAPSA26 RNAV TRANS in EDDM
Programs: this and that
Posts: 1,731
#15
Original Poster
Join Date: Jan 2003
Location: London, UK
Posts: 5,655
But it's not limited to that - they have taken my data, coupled with the ability to login to Lufthansa.com with just the FF# and PIN (which is only 5 digits), I think this *is* a risk.