Originally Posted by headinclouds
(Post 30355047)
Well, I have received 3 emails from CX in the last 2 days: Deal of the Month & credit card offers. I'm not an MPO nor Aisa Miles member and the last paid ticket was part of a RTW ticket in Feb 2018. Before that Oct 2015. I wonder if I should be concerned being in the USA.
|
Originally Posted by londonexpert
(Post 30354956)
Seems BA and CX are trying to out do each other:
Since our announcement on September 6, 2018 regarding the theft of our customers’ data, British Airways has been working continuously with specialist cyber forensic investigators and the National Crime Agency to investigate fully the data theft. We are updating customers today with further information as we conclude our internal investigation. The investigation has shown the hackers may have stolen additional personal data and we are notifying the holders of 77,000 payment cards, not previously notified, that the name, billing address, email address, card payment information, including card number, expiry date and CVV have potentially been compromised, and a further 108,000 without CVV. The potentially impacted customers were those only making reward bookings between April 21 and July 28, 2018, and who used a payment card. While we do not have conclusive evidence that the data was removed from British Airways’ systems, we are taking a prudent approach in notifying potentially affected customers, advising them to contact their bank or card provider as a precaution. Customers who are not contacted by British Airways by Friday 26 October at 1700 GMT do not need to take any action. In addition, from the investigation we know that fewer of the customers we originally announced were impacted. Of the 380,000 payment card details announced, 244,000 were affected. Crucially, we have had no verified cases of fraud. We are very sorry that this criminal activity has occurred. As we have been doing, we will reimburse any customers who have suffered financial losses as a direct result of the data theft and we will be offering credit rating monitoring, provided by specialists in the field, to any affected customer who is concerned about an impact to their credit rating. sorry: 2 hours ago... |
Originally Posted by kaka
(Post 30355082)
when was this!?!?!!?!?
IAG Printer Friendly Version - News Release |
Originally Posted by tobiashenry
(Post 30355057)
Is it possible to do a class action against them? Or any recourse there is?
Your paranoia about other people knowing your name, HKID, address and DOB (none of which is actually secret) is not cause for a class action IMHO. |
These [expletive] at
"We are contacting you to make you aware of a data security event that involves some of your personal data. We are very sorry for any concern that this event may cause you, and this notice will provide you with information about what happened and how we can assist you." A data security event is a data security conference or convention. An event is the HK Sevens. This is a data privacy breach and these [expletive] can't even / don't even have enough respect and decency for their customers to be candid about describing what has happened. Even the subject line of the email I received was "Important information about your personal data" not Notice of Breach of Your Data Privacy or something clearer. The email I received this morning stated the following types of personal data about me were accessed:
|
I have received two identical emails on this topic in the last 45 minutes - thank you Rupert, I heard you the first time.
What is a major concern is they are not stating what parts of our travel/ loyalty profile were accessed. Anyone signed up to the IdentityWorks service? |
Originally Posted by FlyPointyEnd
(Post 30353315)
so what happens if the ID Monitoring Services is not available?
For extraterritorial application of the DPA, see https://www.privacy.gov.ph/data-privacy-act/#6 If my understanding is correct, given the extent and size of CX's business in the Philippines, it has to comply with the DPA and its Implementing Rules and Regulations and thus would have to have a Data Privacy Officer (DPO) in the Philippines. Hopefully that DPO should answer what kind of ID Monitoring Services are available. If you can't get a hold of the DPO for CX in the Philippines, I suggest that you reach out to Rob Bradshaw, CX Philippines Country Manager and apply some pressure on him to get an answer. |
Originally Posted by beach86
(Post 30355246)
What is a major concern is they are not stating what parts of our travel/ loyalty profile were accessed. indeed... i didAnyone signed up to the IdentityWorks service? |
I'd just like to point out that if you were a hacker aiming at identity theft then someone like IdentityWorks would be your #1 target.
I'm not convinced that the best approach to someone maybe having some of your personal identifiers is to share them all with yet another company who must be high risk. |
Originally Posted by kaka
(Post 30355079)
i'm just saying but seeing that not many CC was compromised AND some has never-used MPO accounts compromised, it might be MPO accounts that's problematic, not non-member fliers.
The following personal information about you was accessed:
|
Sounds like their "test" databases used by IT is compromised. The "test" data usually comes from real data with certain fields masked / removed.
Or could be data used for marketing purpose, by outside firms. Each marketing campaign selects clients based on different sets of criteria. |
The following personal information about you was accessed:
I don't have HKID! |
Furious
Received last night 21:12 PDT The following personal information about you was accessed:
|
i got the email notice 10:58am pacific....
The following personal information about you was accessed:
Your travel or loyalty profile was not accessed in full, and your password was not compromised. i do not have an account with them - i use my alaska FF when i fly them SFO-India.... i am not too concerned if only address / name / title are compromised ... but i am not sure if i trust them if only that data were indeed leaked.--HAF |
Took all my s**t.
The following personal information about you was accessed:
|
All times are GMT -6. The time now is 6:07 am. |
This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.