News is slowly filtering out of a substantial personal data breach affecting both the various Star Alliance and Oneworld airlines, and in particular data relating to members of their airlines’ frequent flyer programmes.
It appears that certain Star Alliance and Oneworld member airlines make use of SITA, a Cloud computing business that holds personal data to enable easy verification of frequent flyer status between Oneworld/Star Alliance members. In short, SITA’s databases have been compromised, leading to the exposure of the following information for certain members of loyalty schemes for the airlines in Oneworld and Star Alliance members:
- Membership number
- Tier status
- Membership name.
The data breach has not led to the release of passwords, credit card information, or any other customer data such as email addresses.
While potentially more widespread, this data breach is substantially less serious than the recent British Airways issue, which even led to some credit card information being released.
However, check your emails as the various Oneworld and Star Alliance member airlines have, in accordance with their regulatory obligations, begun to email loyalty scheme members. If you receive an email sating your data has been compromised, you should take the necessary steps recommended to secure your information.
At a time when personal data breaches are being treated with increasing severity, and airlines are having a hard time of it regardless, this is clearly bad news for a number of airlines looking to restore customer confidence. However, it’s reassuring to see a number of such airlines dealing with the matter swiftly, openly and honestly.
It’s not yet clear to us if other airline loyalty alliances – such as Skyteam – have been affected. We will update this post should any more information come to light.