Jump to content

Data Breach at Thai Airways 3rd party supplier


Recommended Posts

Received the following email from Thai Airway this afternoon- this is real and not spam.



Dear Valued Member,

Thai Airways has been notified of the data breach incident at one of the third-party IT service providers, SITA Passenger Service System (US) Inc. (SITA PSS), which operates passenger processing systems for global airlines. This data security incident involves certain passenger data stored in the SITA PSS which is used to support airline operations. Data transferred among Star Alliance Airlines via passenger service systems is necessary to recognize membership tier status of frequent flyer members, in order to ensure that premium customers are recognized across the Alliance and relevant benefits are provided to them during travel.

Thai Airways was initially informed on 28 February, 2021 that the data breach incident was found on 24 February, 2021. Then, Thai Airways received a completed list of data from SITA on 9 March, 2021.

Although Thai Airways does not adopt the SITA PSS, this data breach on the SITA PSS server has affected Star Alliance airline members. Please note that only necessary information has been shared between Thai Airways and Star Alliance partner airlines, and is limited to the membership number, name, and tier status. Thai Airways does not share any other personal data of Royal Orchid Plus members to SITA PSS. Thus, please rest assured that your encrypted PIN (Personal Identification Number),  mileage balance of your Royal Orchid Plus account,  contact information,  passport number, and birthdate are safe from this incident. There is no need for you to take any action in this matter.

If you have any concerns about this data breach incident with SITA PSS or would like to know our measures regarding data security, please feel free to contact Thai Airways' Data Protection Officer at [email protected] or if you are residing in EU countries, contact our representative  at [email protected]. For your membership account enquiries, please contact Royal Orchid Plus member service directly,  here 

Sincerely yours,
Royal Orchid Plus 
Thai Airways International Public Company Limited"

Link to comment
Share on other sites

Received a similar email from Qatar regarding SITA:

"We have been notified by SITA Passenger Service System (US) Inc. (SITA) of a data security incident impacting their servers, involving the passenger data of many airlines.

The incident involved hackers penetrating SITA’s systems who accessed a limited set of customer data. The data in question relates to names, membership numbers, tier status and in some cases meal and seat preferences. Unfortunately, some of our Privilege Club members were impacted and this data was exposed. Please be assured that this was not a breach of Qatar Airways’ systems."

Link to comment
Share on other sites

  • Create New...