BreachExchange mailing list archives
4, 749 KrisShop customers' data exposed after phishing attack on SIA in-flight retailer
From: Terrell Byrd <terrell.byrd () riskbasedsecurity com>
Date: Thu, 17 Mar 2022 10:22:29 -0400
https://mothership.sg/2022/03/krisshop-phishing/ The personal information of 4,749 KrisShop customers have been compromised and exposed to an unknown entity after a phishing attack on an Singapore Airlines' in-flight retailer employee account, The Straits Times reported. A KrisShop employee's work account was illegally accessed by an external party on March 8 due to a phishing attack. Types of info compromised The data compromised included names, bank account numbers, e-mail addresses, residential addresses, contact numbers, and KrisShop e-voucher numbers, and KrisFlyer account numbers. About 165 customers had their bank account numbers exposed. A total of 17 customers had their KrisFlyer account numbers revealed. KrisShop told ST on March 17 that password or credit card information were not leaked. Customers informed KrisShop has apologised to affected customers for the incident. It also said it is in the process of contacting them and will be offering any assistance that they may require. No details were provided on the nature of the attack. PDPC notified The Personal Data Protection Commission was notified on March 10. This was after the information required for KrisShop to make a report was verified internally by the company. The affected KrisShop e-vouchers have also been cancelled and replaced.
_______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- 4, 749 KrisShop customers' data exposed after phishing attack on SIA in-flight retailer Terrell Byrd (Mar 21)