Philippine Airlines Suffers Cyberattack With Frequent Flyer Program
Philippine Airlines (PAL) recently suffered a cybersecurity breach that saw thousands of its frequent flyer details stolen.
The attack was targeted at an IT provider for the carrier and impacted members who joined between 2015 to 2017. Details taken include names, date of birth, nationality, gender, and more.
Philippine Airlines IT Providers Suffered a Data Breach
According to CNN Philippines, PAL confirmed on Sunday that one of its IT providers, Accelya, suffered a data breach recently. The provider stored data relating to PAL’s Mabuhay Miles frequent flyer program, which has now fallen into the hands of unwanted parties.
The carrier has said it lost limited information on members who signed up from 2015-17. However, this includes details such as name, date of birth, gender, nationality, joining date, points balance, and status level.
Furthermore, while these may not seem significant individually, put together, they can compromise online security severely.
No impact on operations
Philippine Airlines has stressed that the latest data breach has nothing to do with its systems, pointing to its third-party contractors.
Moreover, with PAL’s internal systems unaffected, passengers nor operations will not face any trouble soon. However, PAL has urged all travelers to change their Mabuhay Miles passwords as a precautionary measure.
Notably, this is not the first time in recent memory that third-party firms have faced cyberattacks on passenger data. In early 2021, a data breach at service provider SITA saw millions of frequent flyers on carriers ranging from British Airways to Cathay Pacific to Air India that saw their details stolen.
This has brought data security back into focus and raised alarms over how information might be handled externally. Earlier In 2020, British Airways handed a massive £20 million ($23.4mn) fine for a breach that saw nearly 250,000 passengers affected by leaked personal data like addresses and card details.
Huge reliance on IT
Whether we like it or not, airlines have become as strong as their IT capabilities today. From bookings to route planning to operations, modern aviation is driven by advanced algorithms and software.
While this has made travel affordable and efficient, it can also leave carriers in a lurch when something fails. Aer Lingus is finding this out the hard way this weekend, with nearly all flights axed for a day due to an outage.
For now, incidents such as these remind airlines how impact investment in new and secure IT systems remains.