30 Apr 2017

Lufthansa and Air France systems outage plus malware at IHG

Last Thursday Lufthansa experienced a global computer issue which affected passenger boarding worldwide. System functionality was restored very shortly after the outage occurred.

On the same day there was also a short outage of Air France KLM’s Amadeus’s Altéa system. This resulted in flight delays and booking system problems.

Some North American carriers have also recently experienced notable operational issues because of computer glitches. For example, a systems problem at United in January led to all domestic flights being grounded one Sunday evening which then caused extensive delays throughout the US.

These outages pale into insignificance, however, when compared with what Delta Air Lines experienced last August. Its booking system bug lasted three days and resulted in more than 2,000 flights being grounded.

Computer systems failure is becoming part of flying and it can be about far more than a handful of travellers being inconvenienced for a few hours. The Delta outage allegedly affected more than booking systems with stories abounding about disruption also to crew, flight paths and schedules.

For travel managers, concerns can extend beyond who has liability for the extra transport and accommodation costs of corporate travellers.

An example of the challenges cybersecurity breaches can produce came up within 24 hours of the Lufthansa, Air France and Amadeus difficulties, when IHG made a statement about a malware attack on its US properties during a three-month period in 2016.

“The malware searched for track data - including a cardholder's name and card number, expiration date, and internal verification code – read from the magnetic stripe of a payment card as it was being routed through the affected hotel server.”

This means the perpetrators gained all they needed to make use of others’ cards and it appears that 1,200 IHG-branded franchise properties in the US were affected. IHG said that there was no evidence of unauthorised access to payment card data after 29 December 2016 but that a cybersecurity firm hired to investigate the breach did not confirm the malware was eradicated until last month.

Full Article:

Source : | Centaur Media Plc 2014

Read More