fbpx
Friday, May 3, 2024
Latest:

Johor Business Network

All about Johor Business

More than 280 KrisFlyer members' details disclosed due to software bug: Singapore Airlines
Technology 

More than 280 KrisFlyer members’ details disclosed due to software bug: Singapore Airlines

editor ,

SINGAPORE: More than 280 KrisFlyer members had their account details and travel history disclosed to other customers due to a software bug, Singapore Airlines told Channel NewsAsia on Saturday (Jan 5). In a handful of cases, their passport numbers may have been revealed.

The bug was caused by a change to the Singapore Airlines website’s homepage the day before.

According to SIA, the incident occurred between 2am and 12.15pm on Friday.

“We have been made aware of a number of cases in which a customer logged in to his or her KrisFlyer account, under certain specific conditions, may have been able to see selective details of another customer,” an SIA spokesperson told Channel NewsAsia.

SIA said there were 284 such cases in total. Of these, 277 may have seen another customer’s passenger’s name, email address, account number, membership tier status, total KrisFlyer miles, recent miles transactions, upcoming flights and KrisFlyer rewards.

In the remaining seven cases, the passenger’s passport details may have been disclosed as well.

These details would have been exposed if two members had been logged in to their KrisFlyer accounts and were accessing transactions displaying member info at the same time. They also had to be assigned the same server by the system, SIA said.

It added that the issue has since been resolved.

The incident came to light after a KrisFlyer member, Tricia Leo, took to Facebook to express concern about a security breach on Saturday.

“I logged into my KrisFlyer page and was able to see someone else’s email on my profile page,” she said in a Facebook post. “I tried a new login and I could see his entire history, upcoming trips, miles …” She added that she reached out to Singapore Airlines and was told to “log off for 24 hours as they were upgrading their system”.

“ONE-OFF SOFTWARE BUG”

When asked to about Ms Leo’s account, SIA said it cannot comment on individual cases for reasons of customer confidentiality.

It added that the incident was due to a “one-off software bug” and that it was not the result of an external party’s breach of the systems or members’ accounts.

The airline said there were no changes made to any members’ accounts and no credit card details were disclosed.

Singapore Airlines said it was following up directly with the affected customers.

“We have also voluntarily informed the Personal Data Protection Commission of Singapore,” it said.

“The protection of our customers’ personal data is of utmost importance to SIA, and we sincerely regret the incident. Immediate action is being taken to ensure this does not happen again.”

Source: ChannelNewsAsia

You May Also Like

TCL 10 Pro Android phone could be one of the best smartphones of 2020 – Business Insider

johorbiznet

From Software has two new games in the works. Is ‘Bloodborne 2’ one of them? – Digital Trends

johorbiznet

Cannon Dancer – Strictly Limited Games Limited Edition Trailer – Gematsu

johorbiznet