United Airlines reportedly hacked by same APT that breached OPM, Anthem. Let’s try to understand why and which are the risks for the US citizens.

A Chinese APT group  believed to be responsible for a series of high-profile data breaches that affected the U.S. Office of Personnel Management, the Anthem, and more recently the United Airlines.

According the media agency Bloomberg, the United Airlines detected a cyber attack into its computer network at the end of May or early June, the journalists cited some unnamed sources familiar with the incident.

The source confirmed that the hacking crew that hacked United Airlines systems is the same APT that successfully carried out several cyber attacks.

Why the hackers targeted the United Airlines?

The investigators suspect that the Chinese APT is gathering information on million of Americans to run further attacks.

“The previously unreported United breach raises the possibility that the hackers now have data on the movements of millions of Americans, adding airlines to a growing list of strategic U.S. industries and institutions that have been compromised. Among the cache of data stolen from United are manifests — which include information on flights’ passengers, origins and destinations — according to one person familiar with the carrier’s investigation.” states Bloomberg.

The situation is scaring, if the news is confirmed, the Chinese hackers can cross this data with records stolen from the federal personnel office discovering the movements of personnel working in defense and intelligence, including contractors that are privileged targets for cyber espionage campaign. The situation is worse if we consider that possibility that hackers could cross-reference the huge amount of data with stolen medical and financial records, revealing possible avenues for blackmailing or recruiting people who have security clearances.

When cyber security experts reference Chinese APT, in the majority of cases they consider these groups linked to the Government of Beijing.