"The previously unreported United breach raises the possibility that the hackers now have data on the movements of millions of Americans, adding airlines to a growing list of strategic U.S. industries and institutions that have been compromised," according to Bloomberg.
The filched data includes manifests -- which lists information on flights’ passengers, origins and destinations.
United is one of the biggest airline service providers to the federal government, making it a rich depository of data on the travel of American officials, military personnel and contractors.
“You’re suspicious of some guy; you happen to notice that he flew to Papua New Guinea on June 23 and now you can see that the Americans have flown there on June 22 or 23,” James Lewis, a senior fellow in cybersecurity at the Center for Strategic and International Studies, tells Bloomberg “If you’re China, you’re looking for those things that will give you a better picture of what the other side is up to.”
The China-backed hackers often insert the name of their target in web domains, phishing e-mails and other attack infrastructure.
One web domain apparently set up for the United attack -- UNITED-AIRLINES.NET -- was established in April 2014. The domain was registered by a James Rhodes. That name is the alias of the character War Machine in Marvel Comics’ Iron Man. Security companies tracking the OPM hackers say they often use Marvel comic book references as a way to “sign” their attack.