Report: United Airlines Breached By China-Based Hackers


Printer-friendly version Email this CRN article

United Airlines has reportedly become the latest target of a state-sponsored hacker as attacks extend beyond inter-state squabbles and toward the enterprise.

The airline detected an intrusion in May or early June and further investigation linked the attack to China-based hackers, according to a Bloomberg report Wednesday that cited sources with knowledge of the investigation. The report said hackers accessed airline records, including flight passenger information, origin and destinations. The report did not say how many records were accessed or whether passenger personal information was accessed.

The reported breach comes on the heels of an apparently unrelated computer glitch earlier this month that grounded flights across the country for over an hour.

[Related: The 10 Biggest Data Breaches Of 2015 (So Far)]

United Airlines denied the breach in a statement to CRN:

“These reports are based on pure speculation, and we can assure our customers that their personal information is secure. We remain vigilant in protecting against unauthorized access and use top advisors and best practices on cyber-security to maintain our effectiveness," a spokesperson for the company said in an email.

The report said the China-based hackers were the same group that targeted the Office of Personnel Management earlier this year, causing one of the largest breaches in history.

United Airlines, as the second-largest airline, poses a tantalizing target for hackers looking to harvest a vast collection of information, according to Jeff Schmidt, CEO and founder of JAS Global Advisors, a Chicago-based high-end security consulting firm focusing on the financial and government verticals. However, Schmidt said, it is important to note that there are multiple China-based hacking groups that don't share information.

While most of the attention for data breaches focuses on hackers who target specific information for immediate financial gain, Schmidt said harvesting is a common hacker technique in state-sponsored attacks as it allows them to build a comprehensive user profile for future use.

"Foreign intelligence services and other intelligence services are very good at this broad harvesting of information, not knowing exact when and where it will be used for, then using it and presenting it where they can," Schmidt said. "With the United data, ... you could learn what meetings and what conferences people are going to, who is traveling together. There's all sorts of data mining that we could do from that data. ... You can certainly start to tell an interesting story with people."

In the last ten years or so, Schmidt said many state-sponsored hackers have been expanding their attack reach from government peers to enterprises, a trend echoed by this most recent alleged United breach.

Printer-friendly version Email this CRN article