BANGKOK, 30 August 2021: Bangkok Airways confirms it fell victim to a cybersecurity attack, 23 August, resulting in authorised and unlawful access to its information system that could comprise passenger data privacy.
As a preventative measure, the airline recommends passengers contact their bank or credit card provider and follow their advice and change any compromised passwords as soon as possible.
In addition, passengers should be cautious of any suspicious or unsolicited or emails, as the attacker may be claiming to be authorised by Bangkok Airways and may attempt to gather personal data by deception (known as ‘phishing’).
The airline in a press statement at the weekend, reassured passengers and its loyalty programme members that its cybersecurity team had immediately initiated an investigation and introduce damage control measures.
In its statement, the airline said it is currently, the company is investigating to verify the extent of the compromised data and how it affected passengers, as well as taking relevant measures to strengthen its IT system.
The airline confirmed the initial investigation “appeared to confirm that some of the personal data may have been accessed including passenger name, family name, nationality, gender, phone number, email, address, contact information, passport information, historical travel information, partial credit card information, and special meal information. It did not extend to the company’s operational or aeronautical security systems.
Bangkok Airways has reported the incident to the police as well as providing notification to the relevant authorities linked to cyber security matters.