Personal Data of 750,000 frequent fliers were stolen from Japan Airlines (JAL) Network.
Japanese Airlines or JAL said they detected number of intrusions on Friday and Monday into their computer network that manages customer information and vital customer data. “Hackers may have stolen details of between 110,000 and 750,000 members of Japan Airlines’ frequent flier club”, the Airline said in a statment.
The stolen data including the names, addresses, genders and places of work of members of JAL’s mileage program for frequent flyers, which offers benefits in the form of various discounts to tickets, free class upgrade, or for the purchase of in-flight sales items. JAL has however confirmed that no financial data(Credit/Debit card data) was stolen.
An investigation has suggested that the cyber intrusion which began on 18th August went undetected for over a month.
About 23 computers were found to be infected by a malware of which seven computers were found to have been sending stolen data to a remote server in Hong Kong.
The malware was apparently planted to its network using a rogue email which contained the malware as payload.
JAL and the Japanese law enforcement agencies has since been working together into solving the case. As per preliminary investigation, the main source of the intrusion seems to be emanating from Hong Kong however that does not prove that the attackers were from China, the investigators have said. They added that the hackers could have been controlling the server from almost any place around the world.
This is not the first time when JAL is hit by a cyber intrusion, In February, attackers penetrated a JAL service that allowed frequent fliers to exchange mileage points for gift coupons accepted by Amazon.com Inc. They racked up millions of Yen in losses, Japan times said.