Chinese hackers believed to be responsible for cyberattacks on health insurer Anthem, the government's Office of Personnel Management, and United Airlines are now implicated in another breach of one and possibly two major travel companies.
Sabre Corporation, a large travel booking firm, confirmed that its systems were breached recently. Bloomberg News reported that American Airlines, the world's largest airline carrier, is investigating whether its computers were also compromised in the attack.
American refuted reports of a hack, but is looking into the possibility of a system breach.
In a statement, American said it "has worked with outside cybersecurity experts who checked digital signatures, IP addresses and style of attack and there's no evidence to suggest a breach similar to that experienced by the U.S. Office of Personnel Management. There is also no evidence that customer data may have been compromised."
Sources told Bloomberg News that investigators have traced the latest attack to the same group of China-linked hackers who perpetrated the Anthem, OPM and United hacks, and that some elements are consistent with those observed in the OPM hack. Those breaches gained access to tens of millions of health records, social security numbers, personnel profiles, background checks and flight manifests.
Sabre provides reservations software for major airlines and claims to process more than 80 percent of federal travel bookings.
If there is confirmation of a link between these and previous attacks, the hostile actors could potentially be banking a dangerous trove of intelligence on government employees and their travel plans and histories, which could expose strategic operations.
Sabre is a former subsidiary of American's parent company, AMR Corporation. It was spun off in 2000. Bloomberg reports that the two companies share some network infrastructure and that both contracted outside experts to investigate a breach within the last month.
American confirmed that they -- as well as other airlines and travel agents -- work with Sabre for their reservation systems, but do not believe the attack on that company affects their customers in any way. The company is looking into the allegations, but told CBS News there is no evidence at this time to support claims that their own systems were infiltrated.
A statement from Sabre acknowledged a cyberattack, saying, "At this time, we are not aware that this incident has compromised sensitive protected information, such as credit card data or personally identifiable information, but our investigation is ongoing."
Zhu Haiquan, a spokesman for the Chinese embassy in Washington, told Bloomberg any accusation of his country's involvement in hacking was "unfounded" and "counterproductive."