Supply Chain

Singapore Airlines KrisFlyer Frequent Flyer SITA Breach — 580,000 Members

📅 2021-02-26 🏢 SITA Passenger Service System (third-party aviation IT)

Incident Details

Singapore Airlines disclosed on 5 March 2021 that its KrisFlyer frequent flyer programme member data had been compromised through the SITA Passenger Service System breach disclosed on 4 March 2021. Approximately 580,000 Singapore Airlines KrisFlyer and PPS Club frequent flyer members had their data accessed. Exposed data included KrisFlyer member tier status and membership number. Singapore Airlines emphasised that financial information, passport details, email addresses, phone numbers, and full dates of birth were not among the data accessed from SITA’s servers.

Singapore Airlines took the breach very seriously given its status as Singapore’s national carrier and the sensitivity of frequent flyer data. The PDPC (Singapore’s Personal Data Protection Commission) was notified. Singapore Airlines had previously achieved certification under Singapore’s data protection trust mark.

The SITA breach simultaneously affected Star Alliance partners including Air India (4.5M passengers affected), Finnair, Jeju Air, Japan Airlines, Lufthansa, and Malaysia Airlines — demonstrating how aviation supply chain concentration creates systemic privacy risk across multiple carriers from a single vendor breach.

Technical Details

Initial Attack Vector: SITA Passenger Service System (PSS) breach, the same third-party aviation IT provider breach that affected Air India. Singapore Airlines KrisFlyer member data stored on SITA's PSS servers was accessed by the attacker. The SITA breach affected multiple airlines simultaneously.

Vendor / Product: SITA Passenger Service System (third-party aviation IT)

Supply Chain Attack: Confirmed third-party / vendor compromise

Timeline

  1. 2021-02-26 Breach occurred
  2. 2021-03-05 Publicly disclosed
  3. 2021-03-05 Customers notified