United Airlines, the No. 2 largest airline company in the world, was apparently attacked by Chinese hackers in May or June.
If true, it looks like hackers could have been able to collect movement data on millions of American travelers. Passengers, flight origins and destinations, and other data was likely taken by the hackers, according to unnamed officials speaking with Bloomberg.
"Speculation that China is responsible for the United Airlines breach is interesting but at this point, irrelevant," said Jason Polanich, founder and chief architect of SurfWatch Labs. " Too many companies have a false sense of security, thinking it won't happen to them. Pair that with the fact that hacking tools are available to virtually everyone today via illicit trade on the Dark Web and in other places and you've got a recipe for disaster.
"I'm sure this is a wake-up call to all airlines. It's been reported the same investigators that worked on the OPM breach helped United Airlines discover this latest breach. Unfortunately, UA was reacting. They weren't proactively pursuing intelligence; they were waiting for someone to tell them where to look. To be most effective, cyber should intersect with physical and operational security and so many companies aren't thinking that way. The value of intelligence is critically missing."
Many of the large-scale attacks originating from China typically have support from the Chinese government, which is seemingly building a large database of stolen information from the United States. Considering the size of UA, military and US government personnel travel itineraries were likely also stolen by those responsible.