SITA has acknowledged that it was the target of a recent cyberattack. The incident in question occurred on February 24, and may have compromised customer information stored on the company’s Passenger Service System servers in the United States. The company indicated that it has already contacted any affected customers and corporate partners.
While SITA was not terribly forthcoming with regards to the details, it did confirm that its Security Incident Response Team is conducting an investigation in collaboration with external cybersecurity experts. SITA uses the Passenger Service System to process passenger payments for its airline partners, and stated that its IT team took immediate steps to contain the breach once it became aware of the “highly sophisticated” attack.
Airline customers who have any concerns about the handling of their personal data must send their requests to the airline that held that data, in accordance with the latest GDPR regulations. SITA is not legally allowed to respond to such requests on its own.
In its statement, SITA noted that cybercrime has gone up during the COVID-19 pandemic, which has in turn created a need for strong digital security. The company has previously argued that the air travel industry should turn to mobile technologies to improve the passenger experience, highlighting contactless payments as one of the primary benefits for customers.
March 4, 2021 – by Eric Weiss