United Airlines Hacked; Data Stolen

Discussion in 'United Airlines | MileagePlus' started by genemk2, Jul 29, 2015.  |  Print Topic

  1. genemk2

    genemk2 Gold Member

    Messages:
    5,830
    Likes Received:
    14,580
    Status Points:
    11,070
    Bloomberg News is reporting that United Airlines was hacked earlier in the year, with information such as flight manifests and corporate secrets being stolen. No mention of any credit card data or usernames/passwords being stolen at this time.

    http://www.bloomberg.com/news/artic...s-that-hit-u-s-said-to-breach-united-airlines

    Eagerly waiting a response from @UA Insider.
     
    8MiHi, iolaire, Sammich and 2 others like this.
  2. Wandering Aramean
    Original Member

    Wandering Aramean Gold Member

    Messages:
    28,208
    Likes Received:
    61,734
    Status Points:
    20,020
    I wouldn't hold your breath.
     
    8MiHi, genemk2, alfagirl and 8 others like this.
  3. COFreqFlyer
    Original Member

    COFreqFlyer Gold Member

    Messages:
    4,764
    Likes Received:
    8,698
    Status Points:
    7,270
    Precisely what I was going to say.
     
    rggale, genemk2, Sammich and 2 others like this.
  4. Sammich

    Sammich Gold Member

    Messages:
    5,644
    Likes Received:
    22,439
    Status Points:
    11,025
    "We can neither confirm nor deny the existence of the information requested but, hypothetically, if such data were to exist, the subject matter would be classified, and could not be disclosed."
     
  5. iolaire
    Original Member

    iolaire Gold Member

    Messages:
    3,510
    Likes Received:
    5,767
    Status Points:
    4,170
    Doesn't California mandate breach reporting? How long do companies have to do that and thus confirm the breach?
     
    Newscience likes this.
  6. Weatherboy

    Weatherboy Gold Member

    Messages:
    4,195
    Likes Received:
    7,437
    Status Points:
    5,245
    More interesting is the Chinese mapped frequent flyer data with the military database they hacked, giving them a good idea of movement of CIA and others. Wonder if this means theyll change policies in which government workers wont be allowed to use #FF numbers for fear of being tracked.
     
  7. HaveMilesWillTravel
    Original Member

    HaveMilesWillTravel Gold Member

    Messages:
    12,503
    Likes Received:
    20,197
    Status Points:
    16,520
  8. Wandering Aramean
    Original Member

    Wandering Aramean Gold Member

    Messages:
    28,208
    Likes Received:
    61,734
    Status Points:
    20,020
    Only if "Personal Information" is compromised. In this case it is unclear that happened:
    UA doesn't have your SSN and if CC data wasn't breached then they likely are not required to notify per the rules.
     
    8MiHi, iolaire and genemk2 like this.
  9. HaveMilesWillTravel
    Original Member

    HaveMilesWillTravel Gold Member

    Messages:
    12,503
    Likes Received:
    20,197
    Status Points:
    16,520
    Passport data?
     
  10. Black Cloud
    Original Member

    Black Cloud Gold Member

    Messages:
    4,895
    Likes Received:
    21,505
    Status Points:
    10,720
    Federal trumps state. If the FBI was involved (which I'm sure they are) and they wanted to keep the breach confidential while they investigated then that would trump State level disclosure requirements.
     
  11. HaveMilesWillTravel
    Original Member

    HaveMilesWillTravel Gold Member

    Messages:
    12,503
    Likes Received:
    20,197
    Status Points:
    16,520
    Maybe the FBI should then also investigate who those people are who are involved in the probe and had nothing better to do than to blabber to the press about it. If I had to guess, they are working for a three letter agency, too. Can't really have it both ways (trump state law, blabber to the press)
     
  12. Black Cloud
    Original Member

    Black Cloud Gold Member

    Messages:
    4,895
    Likes Received:
    21,505
    Status Points:
    10,720
    What makes you think this wasn't a controlled and deliberate release of information?


    Sent from my iPhone using Tapatalk
     
  13. HaveMilesWillTravel
    Original Member

    HaveMilesWillTravel Gold Member

    Messages:
    12,503
    Likes Received:
    20,197
    Status Points:
    16,520
    What would be the purpose? Political? (make China look bad/evil? While at the same time make US look stupid/incompetent?)
     
  14. Black Cloud
    Original Member

    Black Cloud Gold Member

    Messages:
    4,895
    Likes Received:
    21,505
    Status Points:
    10,720
    I don't work for any government agency or for UA so this is purely my conjecture but UA had an ethical and fiduciary duty to inform their customers and shareholders of the breach. I'm sure they worked closely with the investigating Government agency to provide timely notification that didn't compromise the ongoing investigation.

    Similar to when someone commits a crime in your neighborhood. The police may or may not release information about that crime and when they do, they may release only certain pieces of information in a controlled manner to protect the integrity of the investigation and the Prosecution for the crimes.

    Using a more relevant scenario when this issue was publicized it was about a year after the hacks were first identified by the companies and/or the Government agency that was tracking.

    And yes, the US is shining a light on Chinese Govt based cyber security attacks for geo-political reasons. And I'm not sure how this makes the US look stupid/incompetent seeing as this was State sponsored against individual companies (and I have no doubt our Government is engaged in similar cyber espionage).
     
    Last edited: Jul 30, 2015
  15. Wandering Aramean
    Original Member

    Wandering Aramean Gold Member

    Messages:
    28,208
    Likes Received:
    61,734
    Status Points:
    20,020
    Because UA is awful at everything. Duh.
     
  16. HaveMilesWillTravel
    Original Member

    HaveMilesWillTravel Gold Member

    Messages:
    12,503
    Likes Received:
    20,197
    Status Points:
    16,520
    So I have been thinking about this... Federal law trumps state law if in conflict, but what you seem to be saying here is that a federal agent (or agency) can order a person or company to ignore/violate state law. Is that really the case? I am not a lawyer, but that seems... surprising. Or is there a federal law that the CA state law conflicts with? In which case, wouldn't that be a method for all companies with breaches to ignore those state laws that require disclosure. (CA isn't the only one)
     

Share This Page