The same Chinese hackers who previously hit the U.S. Office of Personnel Management, health insurer Anthem, and United Airlines recently breached the systems of American Airlines and of the travel technology company Sabre, Bloomberg News reports.
According to Bloomberg, the breaches are the largest yet to hit the travel industry. A source said the IP addresses used by the OPM hackers matched activity in American Airlines' logs.
Sabre has acknowledged that its systems were breached, but American says no breach has been confirmed.
"Based on our deep and extensive investigations with the help of outside cybersecurity experts, American has found no evidence that our systems or network have experienced a breach like those at OPM or Anthem," American spokesman Casey Norton said.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
"We are working closely with our partners to further investigate," Norton added.
Norton separately told SC Magazine that because American Airlines owns many IP addresses used by other companies, it may appear to have been breached when another firm was actually hit.
And while Sabre said in a statement that it had "recently learned of a cyber security incident," the company added, "We are not aware that this incident has compromised sensitive protected information, such as credit card data or personally identifiable information, but our investigation is ongoing."
In response to the reports, Chinese embassy spokesman Zhu Haiquan told Bloomberg the accusations were "unfounded" and said, "The Chinese government and the personnel in its institutions never engage in any form of cyberattack. We firmly oppose and combat all forms of cyberattacks."
TruSTAR Technology CEO Paul Kurtz told eSecurity Planet by email that the American Airlines and Sabre breaches should drive home the importance of sharing actionable incident reporting. "It previously came out that Anthem, United and OPM were related, now adding American Airlines to the growing list," he said. "It would be naive to think that we have found the only companies compromised."
"If security teams work together the way scientists come together to collectively find cures and manage health risks, we would have a better chance of stopping cascading attacks across multiple sectors," Kurtz added. "Current security practice is seeking to improve the security of the enterprises individually, while the bad guys have perfected the art of sharing exploits and vulnerabilities immediately for nefarious purposes."
"There must be a new paradigm of enabling the good guys to share and collaborate in addition to continuing to improve enterprise security," Kurtz said.
A recent eSecurity Planet article examined the challenges of fighting cybercrime.