Oh SITA: Airline IT provider confirms passenger data leaked after major 'cyber-attack'

Oh SITA: Airline IT provider confirms passenger data leaked after major 'cyber-attack'

Not that many planes are taking off these days, but that didn’t stop the flight of passenger records from servers belonging to aviation tech supplier SITA after it was hit by a "cyberattack".

In a public disclosure, the Swiss outfit confirmed it had last month fallen victim to a wide-ranging data security incident that ensnared passengers from some of the world’s largest airlines.

SITA told The Reg:

As the company hinted, this may not be an exhaustive list, and could lengthen as more airlines issue warnings to punters.

Per its own website, SITA has over 2,500 customers in the aviation industry, spanning 200 countries and territories. It also claims its tech is used in 90 per cent of “international destinations.”

SITA didn’t elaborate on the nature or extent of the attack, other than to describe it as “highly sophisticated but limited.” According to its own disclosure, the attackers obtained passenger records from servers hosted in an Atlanta, Georgia data centre operated by an American subsidiary.

It said: "The total period during which the cyber-attacker(s) were able to access SITA’s systems was less than a month. By global and industry standards, this cyber-attack was identified extremely quickly. The seriousness of the cyber-attack was identified on February 24th, 2021 – at which point SITA immediately began the process of notifying the affected parties."

Clop ransomware gang leaks online what looks like stolen Bombardier blueprints of GlobalEye radar snoop jet


It’s not clear how ..