- Air New Zealand suffered a data breach compromising Airpoints members’ personal information after two staffs had their accounts breached in a phishing attack.
- The incident has affected nearly 3.5 percent of 3.2 million Air New Zealand Airpoints customers, which is approximately 112000 customers.
What’s the matter?
Air New Zealand suffered a data breach compromising Airpoints members’ personal information after two staffs had their accounts breached in a phishing attack.
Upon learning the incident, Air New Zealand launched an investigation and secured the two affected staff accounts. It has also notified the impacted customers about the breach.
What is the impact?
- The incident has affected nearly 3.5 percent of 3.2 million Air New Zealand Airpoints customers, which is approximately 112000 customers.
- The compromised staff accounts exposed the personal information of customers' membership profiles to those attackers.
- However, no Airpoints accounts and credit card details have been compromised in the breach.
“While your Airpoints account was not accessed, some information relating to your membership profile may have been visible in our internal documents should these documents have been accessed. This will vary by member and could include details such as Airpoints number, members’ name, and email, as an example,” a spokesperson for the airline said, 1 News reported.
What was the response?
Air New Zealand’s regional general manager, loyalty and customer direct Jeremy O'Brien said in an email to members that the airline has reported the data breach incident to the appropriate regulatory authorities and has strengthened its security measures to avoid incidents from happening in the future.
“We have notified the relevant regulatory bodies. Unfortunately, malicious attacks of this nature are becoming more common around the world and we apologise to our customers for any inconvenience,” O’Brien said, NZ Herald reported.
“We're also focused on further hardening our security processes to help prevent any similar incidents from happening in the future. We would encourage you to be on the lookout for phishing emails over the next few months,” she added.
Recommendations from the airline
Air New Zealand provided a few tips on how to spot phishing emails listed below.
“Be cautious of emails:
- That appear to be from Air New Zealand, but are not from one of our mailing addresses which usually end in airnz.co.nz, airnewzealand.co.nz or grabaseat.co.nz
- Make urgent appeals for fast action
- Ask you to make an online payment
- Include attachments that may contain viruses
- Contain links to sites that are malicious or unsavory
If the email seems to be from someone you trust but is asking you to make an unusual financial transaction, call or text the real sender to check.
If you think you have been sent a phishing email, delete it immediately.”
Publisher
/https://cystory-images.s3.amazonaws.com/shutterstock_332369639.jpg)
/https://cystory-images.s3.amazonaws.com/london-bridge-1143467_1280.jpg)
