Go Back  FlyerTalk Forums > Miles&Points > Global Airline Alliances > Star Alliance
Reload this Page >

SITA PSS frequent flyer data breach affecting all *A member airlines

SITA PSS frequent flyer data breach affecting all *A member airlines

Old Mar 4, 21, 4:45 pm
  #1  
Original Poster
 
Join Date: Nov 2015
Location: BNE
Programs: NZ*G, QF Bronze, VA Red
Posts: 547
SITA PSS frequent flyer data breach affecting all *A member airlines

I received an email from Singapore Airlines this morning to advise that they had received confirmation of a data breach at another *A airline's SITA PSS system, which meant that the frequent flyer details of every Star Alliance member airline's loyalty members had been exposed, including your name, tier status, and FF number. It's unclear if OneWorld and SkyTeam details were also compromised.

With this info, malicious individuals could data match your FF details to details stolen in other breaches and perform credible "spearphishing", or by matching against common passwords to attempt to access your FF account to steal flight credits and FF points, manipulate forward bookings, or exploit knowledge of your travel history. Be on the lookout!

IMPORTANT INFORMATION ABOUT YOUR KRISFLYER ACCOUNT
SITA, an information technology company providing passenger service systems, has informed Singapore Airlines of a data security breach involving their passenger service systems' (SITA PSS) servers. While Singapore Airlines is not a customer of the SITA PSS, another Star Alliance member airline is.

All Star Alliance member airlines provide a restricted set of frequent flyer programme data to the alliance, which is then sent on to other member airlines to reside in their passenger service systems. This data transfer is necessary to enable the verification of membership tier status, and to accord to member airlines' customers the relevant benefits while travelling.

As a result, SITA has access to the restricted set of frequent flyer programme data for all 26 Star Alliance member airlines including Singapore Airlines.

We are contacting you as your KrisFlyer data was impacted by this breach of the SITA PSS server. The information involved is limited to your KrisFlyer membership name, membership number and tier status, which is the full extent of the frequent flyer data set that Singapore Airlines shares with other Star Alliance member airlines for this data transfer.

Specifically, this data breach does not involve your membership password, credit card information, and other customer data such as itineraries, reservations, ticketing, passport numbers, and email addresses as SIA does not share this information with other Star Alliance member airlines for this data transfer. Your KrisFlyer miles balance was also not compromised.
kyanar is offline  
Old Mar 4, 21, 9:40 pm
  #2  
 
Join Date: May 2014
Location: Brisbane, Australia
Posts: 673
I'd love to know what airline it is (I guess we'll find out soon).

Air New Zealand just sent the following email out so I guess it's not them:

We have recently been alerted that a Star Alliance partner has been impacted by a security data breach, involving some of our customers’ data as well as that of many other Star Alliance airlines.

The Star Alliance member airlines share minimal frequent flyer data between each other and limited third parties to ensure benefits can be used across different carriers, for example access to member lounges.

Unfortunately, some of your information has been involved in this data breach however, this is limited to your name, tier status and membership number. This is the full extent of frequent flyer data Air New Zealand shares with other Star Alliance member airlines.

This data breach does not include any member passwords, credit card information or other personal customer data such as itineraries, reservations, ticketing, passport numbers, email addresses or other contact information.
henrus is offline  
Old Mar 4, 21, 9:50 pm
  #3  
FlyerTalk Evangelist
 
Join Date: Apr 2001
Location: MEL CHC
Posts: 17,056
Finnair AY thread---> Data security incident
Mwenenzi is offline  
Old Mar 5, 21, 2:47 am
  #4  
 
Join Date: Sep 2017
Posts: 72
Got the same notice from CX citing it affected some OW airlines too. So yes, this affected more than *A members
akl_cat is offline  
Old Mar 5, 21, 3:27 am
  #5  
 
Join Date: Jan 2019
Location: PRG
Programs: FB Platinum, A3 Gold, BA Silver
Posts: 980
Lufthansa too
747jetter is offline  
Old Mar 5, 21, 6:02 am
  #6  
Moderator: Lufthansa Miles & More, External Miles & Points Resources
 
Join Date: Dec 2002
Location: MUC
Programs: LH SEN
Posts: 40,500
Air India is the only *A carrier using SITA PSS
uanj and powergean like this.
oliver2002 is offline  
Old Mar 5, 21, 2:43 pm
  #7  
1P
 
Join Date: Apr 2000
Location: LAX and LHR. UA lifetime Gold 1.8MM 1K , DL GM, HHonors Gold, Marriott Gold, BW Plat, Hertz #1 Gold PC, Avis Preferred
Posts: 3,194
UA sent out their notification half an hour ago.
1P is offline  
Old Mar 7, 21, 4:53 am
  #8  
 
Join Date: Mar 2005
Programs: IHG Plat, Accor gold, M&M FTL, BA Blue, QR Gold, A3 *Gold
Posts: 1,967
I got notifications from both LH and A3.
tom tulpe is offline  

Thread Tools
Search this Thread
Search Engine: