The personal information of 4,749 KrisShop customers have been compromised and exposed to an unknown entity after a phishing attack on an Singapore Airlines’ in-flight retailer employee account, The Straits Times reported.
A KrisShop employee’s work account was illegally accessed by an external party on March 8 due to a phishing attack.
Types of info compromised
The data compromised included names, bank account numbers, e-mail addresses, residential addresses, contact numbers, and KrisShop e-voucher numbers, and KrisFlyer account numbers.
About 165 customers had their bank account numbers exposed.
A total of 17 customers had their KrisFlyer account numbers revealed.
KrisShop told ST on March 17 that password or credit card information were not leaked.
KrisShop has apologised to affected customers for the incident.
It also said it is in the process of contacting them and will be offering any assistance that they may require.
No details were provided on the nature of the attack.
The Personal Data Protection Commission was notified on March 10.
This was after the information required for KrisShop to make a report was verified internally by the company.
The affected KrisShop e-vouchers have also been cancelled and replaced.
Customers with queries may reach out to the retailer at [email protected]
Follow and listen to our podcast here
If you like what you read, follow us on Facebook, Instagram, Twitter and Telegram to get the latest updates.