Singapore Airlines’ (SIA) in-flight retailer KrisShop has suffered a data breach. According to The Straits Times (ST), the personal information of 4,749 KrisShop customers was breached. This included names, email addresses, residential addresses, contact numbers and KrisShop e-voucher numbers. Additionally, the bank account numbers of about 165 customers, as well as the KrisFlyer account numbers of 17 people, were exposed, but passwords and credit card information was not exposed as the company files did not include information, ST reported.
The data breach came after a phishing attack on 8 March, by an unknown party, that targeted a KrisShop employee account. According to ST, KrisShop has concluded that the breach was an isolated incident that came about due to human error, following a review of its systems and processes. It also reviewed its systems and processes together with Singapore Airlines, and concluded that the breach was an isolated
Citing a KrisShop spokesperson, ST reported that the affected account was locked and investigations commenced as soon as the company was alerted to the phishing attack. The Personal Data Protection Commission was also notified of the incident on 10 March, after the information required for the report was verified internally by the company. KrisShop is currently in the process of contacting affected customers and will offer any assistance that they may require, ST reported. It also cancelled and…
