KrisFlyer Data Breach
Jan 5, 2019, 11:03 pm
#1
Original Poster
Join Date: Dec 2006
Location: Australia
Posts: 39
KrisFlyer Data Breach
I received the following email from SQ this morning. I got a phone call from them advising me my FF number has been changed and to log-in with the new number and select a new PIN
.........................Due to a software bug following a change to our website homepage on 4 January 2019, we have been made aware of a number of cases in which a customer when logged in to his or her KrisFlyer account, under certain specific conditions, may have been able to see selective details of another customer. Investigations based on system logs have since determined that there were 284 such cases in total. You are receiving this email because the following details of yours may have been viewed by another customer: - Passenger name(s)
- Email address
- Account number
- Membership tier status
- Total KrisFlyer miles
- Recent miles transactions
- Upcoming flights
- KrisFlyer rewards We have established that this was a one-off software bug and was not the result of an external party’s breach of our systems or members’ accounts. The period during which the incident occurred was between 2am and 12.15pm (Singapore time) on 4 January 2019, at which point the issue was resolved. We have reviewed your account and confirmed that no changes were made to your KrisFlyer account and your credit card details were not disclosed. We will be reaching out to you soon to provide administrative assistance on this matter. In the meantime, please contact [email protected] should you have any queries or require assistance. As a precautionary measure, Singapore Airlines will be changing your KrisFlyer membership number and the reference numbers for any existing bookings you may have with Singapore Airlines, SilkAir and/or Scoot flights only. The protection of our customers’ personal data is of utmost importance to Singapore Airlines, and we have voluntarily informed the Personal Data Protection Commission of Singapore. We sincerely regret the incident. Immediate action is being taken to ensure this does not happen again. Yours sincerely,
.................................
Apparently only about 200 account affected and SQ seem to be handling it well. Of course it would be better if these things didn’t happen in the first place...
.........................Due to a software bug following a change to our website homepage on 4 January 2019, we have been made aware of a number of cases in which a customer when logged in to his or her KrisFlyer account, under certain specific conditions, may have been able to see selective details of another customer. Investigations based on system logs have since determined that there were 284 such cases in total. You are receiving this email because the following details of yours may have been viewed by another customer: - Passenger name(s)
- Email address
- Account number
- Membership tier status
- Total KrisFlyer miles
- Recent miles transactions
- Upcoming flights
- KrisFlyer rewards We have established that this was a one-off software bug and was not the result of an external party’s breach of our systems or members’ accounts. The period during which the incident occurred was between 2am and 12.15pm (Singapore time) on 4 January 2019, at which point the issue was resolved. We have reviewed your account and confirmed that no changes were made to your KrisFlyer account and your credit card details were not disclosed. We will be reaching out to you soon to provide administrative assistance on this matter. In the meantime, please contact [email protected] should you have any queries or require assistance. As a precautionary measure, Singapore Airlines will be changing your KrisFlyer membership number and the reference numbers for any existing bookings you may have with Singapore Airlines, SilkAir and/or Scoot flights only. The protection of our customers’ personal data is of utmost importance to Singapore Airlines, and we have voluntarily informed the Personal Data Protection Commission of Singapore. We sincerely regret the incident. Immediate action is being taken to ensure this does not happen again. Yours sincerely,
.................................
Apparently only about 200 account affected and SQ seem to be handling it well. Of course it would be better if these things didn’t happen in the first place...
Last edited by Camohe; Jan 5, 2019 at 11:10 pm
