About 580,000 frequent fliers' data breached, says Singapore Airlines
Singapore, Mar 5 (PTI) Around 580,000 privilege fliers, KrisFlyer and PPS members, have been affected by a data breach, Singapore Airlines (SIA) has said.
The data breach involves the passenger service system servers of SITA, an air transport information technology company, according to Channel News Asia report.
"While SIA is not a customer of the SITA PSS, this breach of the SITA PSS server has affected some KrisFlyer and PPS members," the national carrier said on Thursday.
WATCH | Click on Zee Business Live TV Streaming Below:
SIA added that this data breach specifically does not involve KrisFlyer and PPS member passwords, credit card information and other customer data such as itineraries, reservations, ticketing, passport numbers and email addresses.
Such information is not shared with other Star Alliance member airlines for this data transfer, the airline said.
All Star Alliance member airlines provide a restricted set of frequent flyer programme data to the alliance, which is then sent on to other member airlines to reside in their respective passenger service systems.
SIA said this data transfer is necessary to enable verification of the membership tier status, and to accord to member airlines' customers the relevant benefits while travelling.
One of the Star Alliance member airlines is a SITA PSS customer. As a result, SITA has access to the restricted set of frequent flyer programme data for all 26 Star Alliance member airlines including Singapore Airlines.
"The information involved is limited to the membership number and tier status and, in some cases, membership name, as this is the full extent of the frequent flyer data that Singapore Airlines shares with other Star Alliance member airlines for this data transfer," said SIA.
SIA said none of its IT systems have been affected by the breach and that they are reaching out to all KrisFlyer and PPS members to inform them about the incident. "The protection of our customers' personal data is of utmost importance to Singapore Airlines, and we sincerely regret the incident and apologise for the inconvenience caused."
SITA confirmed in a separate statement that it was the "victim of a cyber-attack" which led to the data security incident.
After confirming the seriousness of the incident on February 24, SITA said it took immediate action to contact the affected SITA passenger service system customers and all related organisations.
"We recognise that the COVID-19 pandemic has raised concerns about security threats, and, at the same time, cyber-criminals have become more sophisticated and active. This was a highly sophisticated attack," the Channel quoted the company as saying.
SITA added that the matter remains under continued investigation by its security incident response team with the support of "leading external experts in cyber-security".
新航称约有58万名常旅客的数据被泄露
新加坡,3月5日(PTI)新加坡航空(SIA)表示,大约有580,000名特权飞行者,KrisFlyer和PPS会员受到数据泄露的影响。
据亚洲新闻频道报道,该数据泄露涉及航空运输信息技术公司SITA的旅客服务系统服务器。
该国营航空公司周四表示:“虽然SIA不是SITA PSS的客户,但这种违反SITA PSS服务器的行为影响了一些KrisFlyer和PPS成员。”
手表| 单击下面的Zee Business直播电视流:
SIA补充说,此数据泄露行为特别不涉及KrisFlyer和PPS会员密码,信用卡信息以及其他客户数据,例如行程,预订,票务,护照号码和电子邮件地址。
该航空公司表示,此类信息不会与其他星空联盟成员航空公司共享以进行此数据传输。
所有星空联盟成员航空公司都向该联盟提供一组有限的飞行常客计划数据,然后将其发送给其他成员航空公司,以驻留在其各自的乘客服务系统中。
SIA表示,这种数据传输对于验证会员等级状态以及在旅行时为会员航空公司的客户带来相关利益是必不可少的。
星空联盟成员航空公司之一是SITA PSS客户。因此,SITA可以访问包括新加坡航空在内的所有26家星空联盟成员航空公司的有限飞行常客计划数据集。
他说:“所涉及的信息仅限于会员编号和等级状态,在某些情况下还包括会员名称,因为这是新航与其他星空联盟成员航空公司共享用于此数据传输的飞行常客数据的全部范围。”新航
SIA表示,没有任何IT系统受到该漏洞的影响,它们正在与所有KrisFlyer和PPS成员联系,以告知他们有关事件的信息。“对客户的个人数据的保护对新航至关重要,我们对此事件表示由衷的歉意,对于由此给您带来的不便,我们深表歉意。”
SITA在另一份声明中证实,导致数据安全事件的是“网络攻击的受害者”。
在确认2月24日事件的严重性后,SITA表示将立即采取行动与受影响的SITA乘客服务系统客户及所有相关组织联系。
该频道援引该公司的话说:“我们认识到,COVID-19大流行已经引发了对安全威胁的担忧,同时,网络犯罪分子变得更加复杂和活跃。这是一种高度复杂的攻击。”
SITA补充说,此事仍由其安全事件响应小组在“网络安全领先的外部专家”的支持下继续进行调查。
发表评论 取消回复