Data breach compromises PAL’s Mabuhay Miles

Flag carrier Philippine Airlines said its IT service provider has been affected by a cybersecurity incident that exposed "limited information" from its Mabuhay Miles program.

Source: PAL Facebook page

PAL's IT provider suffers from a cyberattack

As reported by CNN Philippines, PAL said Accelya, its third-party IT service provider, confirmed to the airline that the latter’s internal system was attacked which also affected several of its other clients worldwide.

For the case of PAL, the incident involved information of its Mabuhay Miles customers who became members from 2015 to 2017, the company said.

The information exposed was limited to member names, birth dates, nationality, gender, join date, tier level, and points balance, PAL noted.

Other sensitive information, like contact details, credit card information, passport numbers, membership passwords, or flight ticketing information, were not affected, it assured.

The airline said the incident has been reported to the National Privacy Commission on September 8, which the agency confirmed.

PAL said affected customers of its frequent flyer program are currently being notified, as it also urges them to change their passwords as a precautionary measure.

PAL is closely coordinating with Accelya who confirmed to us that the incident has been contained. We urged Accelya to fortify security measures to ensure that there can be no recurrence, said PAL Senior Vice President and Data Protection Officer Alvin Limqueco.

He also assured that the cybersecurity incident had no effect on PAL's internal IT systems.

Safeguarding the data of our customers and frequent flyer members has always been a top priority of Philippine Airlines. We will do what is necessary to protect this information, in line with our strict safety culture that applies to all our flights and every aspect of our operations, Limqueco added.

What do you think guys?

Source: CNN