KA leaked passengers personal data

Reply Subscribe

Thread Tools

Search this Thread

Aug 7, 2011, 5:06 pm

JALPak

Ambassador: Japan Airlines

Original Poster

Join Date: Mar 2008

Location: LAX

Programs: JAL Mileage Bank, JMB Diamond, oneworld Emerald, Bonvoy Platinum

Posts: 16,409

KA leaked passengers personal data

http://www1.hk.apple.nextmedia.com/t...rt_id=15503305

According to Apple Daily, KA has leaked passengers data including passport numbers, names, and itineraries accidentally. One of their reservation call center staffs accidentally sent those information to another passenger.

KA said it is an isolated incident. They will implement extra measures and all e-tickets will be encrypted will password.

No mention of whether KA has informed the affected passengers (total of 5) and whether they have provided compensations such as ID theft monitoring to them. I hope they don't encrypt the e-tickets with the same password

Aug 7, 2011, 7:06 pm

CX HK

Join Date: Jan 2011

Posts: 2,356

Looks like this just comes down to plain carelessness by the staff and not a hacking incident or widespread error.

Aug 7, 2011, 7:14 pm

sxc

FlyerTalk Evangelist

Join Date: Dec 2004

Programs: CX Green, QF Platinum, BAEC Silver, Hyatt Glob

Posts: 10,780

I will be p..sed if they decide to make you enter a password to view an e-ticket. Just pathetic.

Aug 7, 2011, 9:08 pm

Cathay Boy

Join Date: May 2009

Posts: 6,978

It's a simple mistake, but I forsee KA will introduce "measures" that will either make it tougher for KA staff to do their jobs, or for pax to view their info. People really need to lighten up and realize people make honest mistakes, and then just let it go. Now, if this is a common occurence then we have a problem and "measures" do need to be considered.

Aug 7, 2011, 10:08 pm

JALPak

Ambassador: Japan Airlines

Original Poster

Join Date: Mar 2008

Location: LAX

Programs: JAL Mileage Bank, JMB Diamond, oneworld Emerald, Bonvoy Platinum

Posts: 16,409

Quote:

Originally Posted by sxc

I will be p..sed if they decide to make you enter a password to view an e-ticket. Just pathetic.

Sounds like that's what they will do. At least that's what the article suggested

But more importantly how are they going to determine the password? Do you have to provide one during booking? Or they just generate one for you and send it via a separate email?

Last edited by JALPak; Aug 7, 2011 at 10:41 pm

Aug 7, 2011, 10:11 pm

JALPak

Ambassador: Japan Airlines

Original Poster

Join Date: Mar 2008

Location: LAX

Programs: JAL Mileage Bank, JMB Diamond, oneworld Emerald, Bonvoy Platinum

Posts: 16,409

Quote:

Originally Posted by Cathay Boy

But isn't it a better practice to not send the e-ticket through email? Just have them to download that through the website should fix this careless issue?

Aug 7, 2011, 10:11 pm

JALPak

Ambassador: Japan Airlines

Original Poster

Join Date: Mar 2008

Location: LAX

Programs: JAL Mileage Bank, JMB Diamond, oneworld Emerald, Bonvoy Platinum

Posts: 16,409

Quote:

Originally Posted by CX HK

Looks like this just comes down to plain carelessness by the staff and not a hacking incident or widespread error.

Yes, it is only an isolated incident caused by carelessness of their staff. That's why they want to implement extra measures to avoid this from happening again in the future

Last edited by JALPak; Aug 7, 2011 at 10:41 pm

Aug 7, 2011, 11:49 pm

Cathay Boy

Join Date: May 2009

Posts: 6,978

Quote:

Originally Posted by JALPak

But isn't it a better practice to not send the e-ticket through email? Just have them to download that through the website should fix this careless issue?

Not everyone is as internet savvy as you are. You will be surprise at 2011 how many people are still struggling with the fundamentals of downloading, surfing, etc.

Also, sending e-ticket to the pax email should of been an easy and automated task. Can't believe KA still requires people to do it by hand?

Aug 8, 2011, 12:01 am

JALPak

Ambassador: Japan Airlines

Original Poster

Join Date: Mar 2008

Location: LAX

Programs: JAL Mileage Bank, JMB Diamond, oneworld Emerald, Bonvoy Platinum

Posts: 16,409

Quote:

Originally Posted by Cathay Boy

Well those people probably can't open the encrypted e-tickets either

Well, they probably still someone to select the tickets to send to the passengers after the booking is done over the phone? But what surprised me is that it contains passport numbers in the attachment! That's just wrong and is not a good practice at all. They definitely don't need passport info there.

I don't recall seeing passport info on my CX e-ticket few months ago...but the report says the e-tickets contain passport numbers of some of the 5 passengers affected...

Quote:

電子機票上有各人的姓名、部份護照號碼、前往目的地、出發日期等個人資料。

Aug 8, 2011, 12:04 am

#10

CX HK

Join Date: Jan 2011

Posts: 2,356

Quote:

Originally Posted by Cathay Boy

Also, sending e-ticket to the pax email should of been an easy and automated task. Can't believe KA still requires people to do it by hand?

I don't think KA sent out those e-tickets by hand, given the fact that two people were traveling together, and the other three were probably traveling together OR were booked in chronological order.

My guess is that the TA booked these five people who were traveling in separate groups but forgot to separate them internally and made them all under one booking, in which ALL of their e-tickets were sent to one person. The other people probably never received their e-tickets.

So yes, this is just a simple human error and not a fundamental error within KA's booking system or whatnot.

Aug 8, 2011, 12:07 am

#11

JALPak

Ambassador: Japan Airlines

Original Poster

Join Date: Mar 2008

Location: LAX

Programs: JAL Mileage Bank, JMB Diamond, oneworld Emerald, Bonvoy Platinum

Posts: 16,409

Quote:

Originally Posted by CX HK

Actually the passenger who received all of the e-tickets booked with KA directly over the phone. But the report didn't indicate whether she booked her travel companions' tickets in the same phone call or not. 2 of the passengers affected are her friends but the other 3 are complete strangers.

Aug 8, 2011, 4:51 pm

#12

Guy Betsy

FlyerTalk Evangelist

Join Date: May 2000

Location: Little dot in Asia

Programs: AA-EP, TK-*G, HL-DM, HY-GLO, MR-LTP

Posts: 25,935

Its not only KA , I've been sent an itinerary from CX belonging to someone else but on my email !

Aug 8, 2011, 5:22 pm

#13

JALPak

Ambassador: Japan Airlines

Original Poster

Join Date: Mar 2008

Location: LAX

Programs: JAL Mileage Bank, JMB Diamond, oneworld Emerald, Bonvoy Platinum

Posts: 16,409

Quote:

Originally Posted by Guy Betsy

Its not only KA , I've been sent an itinerary from CX belonging to someone else but on my email !

wow did you tell them about it?? Now it sounds more like a repeated error and something wrong in their workflow

Aug 8, 2011, 6:39 pm

#14

Guy Betsy

FlyerTalk Evangelist

Join Date: May 2000

Location: Little dot in Asia

Programs: AA-EP, TK-*G, HL-DM, HY-GLO, MR-LTP

Posts: 25,935

Not only that, once in a phone conversation when changing an award ticket, I asked that the same cc be used.. and the agent blabbed out a cc that was not mine!

Aug 8, 2011, 6:55 pm

#15

JALPak

Ambassador: Japan Airlines

Original Poster

Join Date: Mar 2008

Location: LAX

Programs: JAL Mileage Bank, JMB Diamond, oneworld Emerald, Bonvoy Platinum

Posts: 16,409

Quote:

Originally Posted by Guy Betsy

Not only that, once in a phone conversation when changing an award ticket, I asked that the same cc be used.. and the agent blabbed out a cc that was not mine!

WTH!? They aren't supposed to read out ANY information of that kind. The usual way to do it is "the master card ending with 1234?" not the entire CC number! I should have used an one-time CC number to buy my last CX ticket. It sounds like they have no idea what ID theft is and aren't even aware of the best practice when handling personal data

Reply Share

First
Prev
1 / 2
Next
Last

Forum Jump