Singapore Airlines experiences security breach, personal information of more than 280 KrisFlyer members disclosed

3009
Photo: YouTube screengrab

Singapore – Due to a software bug experienced by Singapore Airlines, the private information of more than 280 KrisFlyer members were disclosed to other members. Some even had their passport numbers shared to strangers.

KrisFlyer member Tricia Leo noticed something was off when she logged into her account on January 5, Saturday. She saw a different email address on her profile page and after refreshing her login, she was able to see the anonymous person’s entire history, upcoming trips, miles and other information. She tried calling Singapore Airlines to inform them of the incident but was merely advised to log off for 24 hours since they were “upgrading their system”. According to Ms. Tricia, “the officer didn’t even bother with the offer of a report of what happened till I asked.” This is a serious security breach of personal information and it was unusual that the airlines’ initial reaction was quite complacent.

Ms. Tricia went to social media and posted her experience in hopes of spreading awareness.

Security breach on SQ, only to get a super dismissive response… So this happened to me.I logged into my krisflyer…

Posted by Tricia Leo on Friday, 4 January 2019

Because of her report, SIA has looked into the problem and has updated the public on what happened. It turns out that a software bug got into the system and affected 284 KrisFlyer accounts. Their names, flight history, recent miles transactions and rewards were disclosed to other members. Furthermore, seven of the total cases may have had their passports numbers revealed.

The bug acted in a way wherein two members logging in at the same time would see each other’s details. According to SIA, the breach came from internal sources and was not caused by an external party.

Singapore Airlines has given an update that the issue has been resolved and they are now following up with the affected customers for more information. They have also contacted the Personal Data Protection Commission of Singapore regarding the incident while taking steps to ensure it doesn’t happen again.

Netizens are very unpleased with the situation, especially at how SIA responded to Ms. Leo.

Photo: Facebook screengrab

LisaLim Foxx commented on how unready Singapore is to go fully digital because of what happened.

Photo: Facebook screengrab

Meanwhile, Wallace Ong is inquiring if there are freebies to be given because of the breach.

Photo: Facebook screengrab