Air NZ issues apology for data breach involving Airpoints members

Source: 1News

Some Air New Zealand Airpoints members were contacted today with news they had been victims of a data breach.

Air NZ planes.

“We have recently been alerted that a Star Alliance partner has been impacted by a security data breach, involving some of our customers’ data as well as that of many other Star Alliance airlines,” the email to affected customers said.

“The Star Alliance member airlines share minimal frequent flyer data between each other and limited third parties to ensure benefits can be used across different carriers, for example access to member lounges.

“Unfortunately, some of your information has been involved in this data breach however, this is limited to your name, tier status and membership number. This is the full extent of frequent flyer data Air New Zealand shares with other Star Alliance member airlines.

“This data breach does not include any member passwords, credit card information or other personal customer data such as itineraries, reservations, ticketing, passport numbers, email addresses or other contact information."

It appears the breach has occurred at SITA – a company that provides passenger processing systems for airlines.

The company works with 90 per cent of the airline industry and said in a statement today a cyberattack had occurred on its system on 24 February. 

“We recognize that the Covid-19 pandemic has raised concerns about security threats, and, at the same time, cyber-criminals have become more sophisticated and active. This was a highly sophisticated attack.

“SITA acted swiftly and initiated targeted containment measures. The matter remains under continued investigation by SITA’s security incident response team with the support of leading external experts in cyber-security."