Thailand’s Bangkok Airways has said it is taking “relevant measures” to strengthen its IT systems after it was hit by a cyber security attack that resulted in unauthorised access to its information system.
The company disclosed the attack and subsequent breach in a statement published on 26 August, stressing that it immediately took action to investigate and contain the event once it was discovered, engaging a cyber security team to assist it in its efforts.
The airline said it was investigating the attack and breach, as a matter of urgency, to verify the compromised data and the affected passengers, in addition to strengthening its IT systems.
“An initial investigation of the incident appeared to confirm that some of the personal data may have been accessed which are, passenger name, family name, nationality, gender, phone number, email, address, contact information, passport information, historical travel information, partial credit card information and special meal information,” Bangkok Airways said.
At the same time, the company has confirmed that the incident did not affect its operational or aeronautical security systems.
“This incident has been reported to the Royal Thai police as well as providing notification to the relevant authorities,” the company said. “For primary prevention measures, the company highly recommends passengers to contact their bank or credit card provider and follow their advice and change any compromised passwords as soon as possible.”
The carrier also cautioned customers to be aware of any suspicious or unsolicited calls and emails, suggesting that its attacker may be claiming to be Bangkok Airways and attempt to gather personal data by deception.
“The company (Bangkok Airways) will not be contacting any customers asking for credit card details and any such requests. In case of such event occurs, passengers should take legal actions,” it said.
Bangkok Airways stressed that it took the protection of its passengers’ data “very seriously” and said it was deeply sorry for the worry and inconvenience the incident has caused.
The attack was reportedly carried out by threat actor LockBit, according to media outlet Bleeping Computer, which said the ransomware gang posted a message on its leak site claiming responsibility for the breach.
The attack is at least the third such major incident weathered by an airline operator in the Southeast Asia region this year.
In March, Malaysia Airlines informed its Enrich frequent flyer members of a “data security incident” via a third-party IT service provider, insisting the breach avoided the national carrier’s core IT infrastructure and systems.
Singapore Airlines said in a statement published late on 4 March that it had been informed by air transport communications and information technology provider SITA of a data security breach involving its Passenger Service System (SITA PSS) servers.
Although Singapore Airlines is not a direct customer of the SITA PSS, the breach of the SITA PSS server affected some of its KrisFlyer and PPS members. This was due to the use of the SITA systems by a fellow Star Alliance member, the company said at the time.