United Airlines Breached, Chinese Hackers Suspected

United Airlines has suffered a data and network breach from the same hackers who stole millions of government employees’ data in recent months, according to investigators.

United Airlines, the world’s second largest airline has been the target of the same hackers who recently breached the US Government’s Office of Personnel Management to steal personal information about over 22 million Americans. The clandestine attack and breach took place around the same time when tens of millions of employees’ information was stolen, revealed a report in Bloomberg.

While the airline is yet to release a public statement about the subject, they have confirmed the incident of the attack to Bloomberg. Numerous security researchers have and currently are broadly speculating that the Chinese state-sponsored hackers are amassing a comprehensive database with a goal. That goal is to combine the stolen data from the personnel management office to then cross-reference flight plans and itineraries to have a quick, searchable index to catalog all movements and transits of federal employees.

The breach

United Airlines first detected suspicious activity in its network and computer systems in late May or early June, according to those familiar with an investigation. The breached information is likely to be added to an expanding list of key U.S. industries, installations and institutions that have already been compromised. Bloomberg reports that one particular individual familiar with the investigation also revealed that flight manifests were stolen during the breach, which included:

  • Passenger information. Names, details and more.
  • Flight paths.
  • Origins and destinations of the passengers.

The breach is particularly significant because United is the primary airline operating in and out of Washington, DC’s Dulles International airport. This is the nearest international airport to Langley, which houses CIA’s headquarters in Virginia.

Dave Aitel, CEO of Immunity, Inc., a cybersecurity firm, sees the relevance.

“Every CIA employee and visitor coming from abroad flies in and out of Dulles, and chances are they’re flying United,” Aitel said.

“The combination of information [the hackers] obtained from OPM with the travel information they now have from United is hugely powerful”, Aitel noted of the Chinese, “and it will make the kind of work the CIA does much more difficult.”

Furthermore, hackers could already have the means to cross-reference international flights taken by Chinese officials with trips taken by US Govt. personnel at the same time to the same cities, according to James Lewis at the Center for Strategic and International Studies in Washington.

“You’re suspicious of some guy; you happen to notice that he flew to Papua New Guinea on June 23 and now you can see that the Americans have flown there on June 22 or 23,” Lewis said. “If you’re China, you’re looking for those things that will give you a better picture of what the other side is up to.”

Stay tuned for this developing story. We will keep you updated as more information comes to the fore.