KrisFlyer member data affected by data breach at information tech firm SITA

THE frequent flyer programme information of some 580,000 KrisFlyer and Singapore Airlines (SIA) Priority Passenger Service (PPS) members has been compromised by a cyber attack on servers at air transport information technology company SITA.

The incident took place on Feb 24, 2021, and involved the servers of SITA's Passenger Service System (US) Inc, which operates passenger processing systems for airlines.

The information in the data breach is limited to membership numbers and tier statuses, as well as membership names in some cases.

SITA said it took "immediate action" to contact affected customers and all related organisations.

Although SIA is not a customer of SITA, it is affected by the breach through its membership in the Star Alliance.

SITA had access to a restricted set of frequent flyer programme data from Star Alliance member airlines including SIA, through one of its customers, another Star Alliance member airline.

Member airlines provide this data to the alliance in order to enable verification of membership tier status and provide customers with the relevant benefits when they travel with Star Alliance airlines.

The data that SIA shares with other Star Alliance member airlines for these purposes does not include customer data such as member passwords, credit card information, itineraries, reservations, ticketing, passport numbers and e-mail addresses. As a result, these details are not affected by the breach at SITA.

SIA said that none of its IT systems have been affected, and the airline is reaching out to all KrisFlyer and PPS members to inform them about the incident.

"The protection of our customers' personal data is of utmost importance to Singapore Airlines, and we sincerely regret the incident and apologise for the inconvenience caused," the airline said in a statement on Thursday night.

"We will work with our partners to review the current procedures, and will take all necessary steps to improve data security."