Cyber Incident Victim: SITA

On March 5, 2021, SITA, a critical communications and IT provider serving approximately 90% of global airlines, disclosed a significant cybersecurity breach impacting its U.S.-based infrastructure. The company confirmed unauthorized access to servers located in Atlanta, Georgia, which hosted its Passenger Service System (SITA PSS). This system managed airline passenger data processing operations for numerous carriers worldwide. SITA characterized the intrusion as a "highly sophisticated attack" targeting its U.S. operations segment, though specific technical details about the attack vector or duration of unauthorized access remained undisclosed. The compromised servers belonged to SITA's Passenger Service System division, part of a broader corporate structure headquartered within the European Union.

The breach directly affected sensitive passenger information stored on the Atlanta-based servers, specifically compromising frequent-flyer program data across multiple airline customers. As a central provider of passenger data systems, the incident created cascading impacts across SITA's extensive client network of international airlines. No specific airlines were named in initial disclosures, but the widespread nature of SITA's operations suggested broad sectoral exposure. The company's public statement, delivered through spokesperson Edna Ayme-Yahil, confirmed the geographic location of breached assets but did not disclose quantitative details regarding affected passengers or airlines. SITA initiated incident response protocols focused on securing compromised systems, though containment measures and forensic investigation timelines were not publicly detailed. The incident highlighted supply chain vulnerabilities in aviation IT infrastructure through the compromise of a single vendor supporting nearly all major airlines globally.