Email from Singapore Airlines - SITA Breach

So, this morning I got an email from Singapore Airlines that my frequent flyer details have been compromised by the breach of some other Star Alliance member's SITA systems (interestingly, no other Star Alliance member has contacted me). Be on the lookout for targeted emails pretending to be your airline which have your accurate name, frequent flyer number, and tier status. Also be on the lookout for malicious actors using those details to try and change forward bookings or steal flight credits.

IMPORTANT INFORMATION ABOUT YOUR KRISFLYER ACCOUNT

SITA, an information technology company providing passenger service systems, has informed Singapore Airlines of a data security breach involving their passenger service systems' (SITA PSS) servers. While Singapore Airlines is not a customer of the SITA PSS, another Star Alliance member airline is.

All Star Alliance member airlines provide a restricted set of frequent flyer programme data to the alliance, which is then sent on to other member airlines to reside in their passenger service systems. This data transfer is necessary to enable the verification of membership tier status, and to accord to member airlines' customers the relevant benefits while travelling.

As a result, SITA has access to the restricted set of frequent flyer programme data for all 26 Star Alliance member airlines including Singapore Airlines.
We are contacting you as your KrisFlyer data was impacted by this breach of the SITA PSS server. The information involved is limited to your KrisFlyer membership name, membership number and tier status, which is the full extent of the frequent flyer data set that Singapore Airlines shares with other Star Alliance member airlines for this data transfer.
 
I also got it. Not sure what risk there is with this limited breach. No email addresses/DOB etc.
 
The main concern will be that if they can combine it with another source of data that had your email, they can attempt to spear phish you to get into your FF account, which has your DOB, travel history, and some points that are easily liquidated into cash or equivalents.
With your travel history, they could also impersonate overseas police or customs or similar to claim you owe "fines" - while most won't fall for it, there will be some naive enough to be tricked by such things.
 
Just received this in an email from Air NZ

Kia ora David,

We have recently been alerted that a Star Alliance partner has been impacted by a security data breach, involving some of our customers’ data as well as that of many other Star Alliance airlines. The Star Alliance member airlines share minimal frequent flyer data between each other and limited third parties to ensure benefits can be used across different carriers, for example access to member lounges.

Unfortunately, some of your information has been involved in this data breach however, this is limited to your name, tier status and membership number. This is the full extent of frequent flyer data Air New Zealand shares with other Star Alliance member airlines. This data breach does not include any member passwords, credit card information or other personal customer data such as itineraries, reservations, ticketing, passport numbers, email addresses or other contact information.

What do you need to do?

You do not need to do anything. There is no need to change your password or take any other action. Air New Zealand takes data security and privacy seriously and we want to assure you we are working with Star Alliance to ensure stronger systems are in place to prevent any similar issues occurring in the future.

We do apologise for any inconvenience this has caused and if you have any further questions, please don’t hesitate to email us at [email protected].
 
I'm sure one will come through from United as soon as they wake up for the day too. We can at least now confirm this relates to most likely every single Frequent Flyer member in the Star Alliance.

Still unclear if, since it was a system hosted by SITA, the attacker managed to get OneWorld and SkyTeam data.
 
Both of us received an email from SQ. Ours have an extra couple of paragraphs though.


"We are contacting you to inform you that your KrisFlyer data was not impacted by this breach of the SITA PSS server. Your KrisFlyer miles balance was also not compromised.


We would also like to reassure you that none of Singapore Airlines’ IT systems have been affected by this incident."
 
I received the subsequent UPDATE ABOUT YOUR KRISFLYER ACCOUNT (same as @drron) but not the first email (IMPORTANT INFORMATION ABOUT YOUR KRISFLYER ACCOUNT)
 
Got the email from KrisFlyer, and this one from United MileagePlus as well.

 
Just got one from AA too. Edited: And now BA too.
 
I get the feeling I'm about to be flooded with more emails from other airlines, a bit like how I kept getting emails from obscure airlines around this time last year advising me of their response to COVID-19...

Do people think it's a good idea to change passwords on frequent flyer accounts with airlines that are affected by this breach?
 
Not sure but AA provide a link to reset your password so maybe.
Just wonder when anyone gets an email from QF?
 
There is no harm in changing your password.

What I find interesting though is on one hand they're stating it was only a third party breach and outlined the information that the bad actors could have attained. Passwords (well password hashes) weren't one of the items. So either they're suggesting a password change because it is "seen to be doing something" by the airlines or they haven't been truthful in what the breach is. My gut feeling is it's the former.
 
IMO it's more likely they suggest a password change as there are so many data breaches these days, and so many customers likely use the same password in multiple places, so with the FF details and a password from another place, it's basically a fast track to an account compromise.
 