By Linda Fox | February 25, 2019
In a statement, the distribution giant says that while there was no “unauthorized access to the system,” a Resbird employee who had rights to access the systems had illegally taken information from a number of passenger name records (PNRs).
The employee is then believed to have passed the information to a third party that specializes in SIM cards for mobile phones.
According to the Amadeus statement, the PNR information included name, contact details and travel itineraries.
In a small number of cases, it may also have included passport details.
The information accessed came from India-based travel agents and involved only tickets issued in India.
The statement says a number of actions have been taken, including the employment terminated for the person involved and a report filed with the police in India.
It is not known how many records were accessed, but Amadeus felt it was large enough to file a report with the Spanish data protection authority.
The company is also conducting a review of the data compromised, which goes back to the end of June 2018.
It has also sent a “cease and desist letter” to the SIM card company for the stolen information to be returned or destroyed.
PhocusWire has contacted Resbird for comment.
The Bottom Line:
Amadeus’s partner distributor, Resbird Technologies, was infiltrated and robbed of private user information. The theft was not due to hacking, per say; rather, an employee stole the information and then sold it to an unknown third party. The company responded quickly to shut down the SIM card numbers and try its best to recuperate what was lost, yet the robbery indicates a larger problem of growing insecurity of customer privacy.
Resbird Technologies, is an independent information distribution company of Amadeus, which suffered a theft of information illegally, taking data from customers as well as their personal information, their itineraries and in some cases they could also access passport details of certain passengers.
- Passenger information systems are not fully insured, as customers’ information can easily be accessed.
- There is no concrete or accurate record of how many records were stolen, however, Amadeus submitted a report requesting the protection of the data.
- As a resolution measure, it was decided to terminate the work of the person involved as well as the corresponding report to the competent authorities.
- You have also sent a “cease and desist letter” to the SIM card company to have the stolen information returned or destroyed.
If the news helped you and would like to get advice to take advantage of this information, contact us. Visit: http://www.brandingdestination.com/