Jump to content

Bangkok Airways Notice of Cyber Security Incident.


Recommended Posts

Posted

I received an Email from Bangkok Airways that there site was hacked exposing members information.

 

If you are a member you may want to change your password.

 

 

 

Screenshot_20210828-181447.jpg

Posted (edited)

So passenger full names, passport numbers, phone numbers, partial credit card information have been hacked but, hey, don't worry, "aviation security" hasn't been affected and we're open for business as usual.

 

"Partial credit card" information sounds to me like saved details of any card on file eg full number and expiry date. If it was just xxxx xxxx xxxx xxxx 1234 they'd hardly be advising "we recommend you contact your back or credit card provider".

 

No mention either of just how bad this hack has been in terms of number of customers whose data has been compromised.

Edited by BKKBike09
added comment
  • Like 2
Posted

I wonder if this could explain some unauthorized charges on my U.S. bank-issued credit card last month?  I had used it for a Bangkok Air flight in early July, making the reservation in late June.  Fortunately, it's a card from a U.S. financial institution, so I won't be liable, but it's still a pain to be without a Visa card for a couple weeks while a new one arrives.  The Visa-card lady asked me if I used Google Play or iTunes; I do use Google Play from time-to-time so I had assumed that was the culprit since she asked about.  The unauthorized charges were not from Google Play, however, but a supplier of vitamins and supplements that is well-loved by the expat crowd in Thailand.  We've never ordered from them.

  • Like 1
Posted
2 hours ago, NancyL said:

I wonder if this could explain some unauthorized charges on my U.S. bank-issued credit card last month?  I had used it for a Bangkok Air flight in early July, making the reservation in late June.  Fortunately, it's a card from a U.S. financial institution, so I won't be liable, but it's still a pain to be without a Visa card for a couple weeks while a new one arrives.  The Visa-card lady asked me if I used Google Play or iTunes; I do use Google Play from time-to-time so I had assumed that was the culprit since she asked about.  The unauthorized charges were not from Google Play, however, but a supplier of vitamins and supplements that is well-loved by the expat crowd in Thailand.  We've never ordered from them.

Same happened for me.

 

I've just tried a password (Dash) manager.  I've got so many accounts with the same password, over 50.

 

I'm still playing around with it.

I need to do something though.

 

Good luck!

 

Posted
13 hours ago, NancyL said:

I wonder if this could explain some unauthorized charges on my U.S. bank-issued credit card last month?  I had used it for a Bangkok Air flight in early July, making the reservation in late June.  Fortunately, it's a card from a U.S. financial institution, so I won't be liable, but it's still a pain to be without a Visa card for a couple weeks while a new one arrives.  The Visa-card lady asked me if I used Google Play or iTunes; I do use Google Play from time-to-time so I had assumed that was the culprit since she asked about.  The unauthorized charges were not from Google Play, however, but a supplier of vitamins and supplements that is well-loved by the expat crowd in Thailand.  We've never ordered from them.

Almost exactly what happened to me.  Only use the credit card for travel (air tickets/hotels). Which has been 4 times since March 2021 one of them being a Bangkok Air flight. The only exception to above post was my card was used by a popular e-wallet app in Brazil.  A US card which has good fraud protection and denied all the charges luckily. 

  • Like 1
Posted
12 hours ago, MrJ2U said:

I've got so many accounts with the same password, over 50.

Ouch.

 

Use unique passwords.

 

Use 2FA for EVERYTHING, from Windows log-in to Google, to, well everything. It's a pain, but worth it.

 

 

  • Like 1
Posted
32 minutes ago, mtls2005 said:

Use 2FA for EVERYTHING,

Personally I think that is overkill and fortunately sites like Asean now don't have 2FA (I don't think?) and I certainly wouldn't want to have to faff around with it for them and other similar sites if they did. For anything sensitive like email then yes definitely.

I guess it also depends how much information you give them..........

 

Unique passwords though - absolutely.

Posted

Now days I am receiving emails similar to this...... I first look at the 'address' of who sent it to me......

If the sender address isn't an official address of companies I do business with.... I dismiss it and click on spam.... I am getting many of these now days... and checking the address of the sender can give you a clue it is spam.... trying to get some of your personal info....

MY ADVISE:    never reply to an email received but contact that company WITHOUT replying to the email you received...

Posted

Some Thai credit card issuers are offering to re-issue cards today.

 

For the one credit card we've used with Bangkok Airways, the rep. knew about the situation, recommended a stop on the current card and processed a new card order with delivery committed to this Friday.

 

 

Posted
3 hours ago, mtls2005 said:

Ouch.

 

Use unique passwords.

 

Use 2FA for EVERYTHING, from Windows log-in to Google, to, well everything. It's a pain, but worth it.

 

 

I've used that but not every site offers it.

 

I've got a password manager now

 

I still have to manually change passwords though first time.

 

Lazy man. 

Posted
On 8/29/2021 at 9:31 PM, MrJ2U said:

Same happened for me.

 

I've just tried a password (Dash) manager.  I've got so many accounts with the same password, over 50.

 

I'm still playing around with it.

I need to do something though.

 

Good luck!

 

Yes. A password manager is a must nowadays. I have used both Dashlane and 1Password. Currently using 1Password, but looking to change to something else as it is going subscription.

 

But no password manager can protect against bad, or a lack of security, or hack, and this one seems a bad one due to the types of personal information stolen.

Once the hackers have got your information you are compromised. It will be sold or shared on the dark web, and aggregated with other information about you gleaned from other hacks. Be prepared for lots of personal addressed phishing scams as well as credit card fraud.

 

It seems Bangkok Airways might have been victim of a ransomware attack. from the excerpt below, today might be the day that all our information is released into the wild.

 

This announcement, published last Friday, coincides with the posts of the LockBitransomware hackers, who claim to have access to around 103 GB of information extracted from the airline, so all this fuss could be related to a ransomware infection.

The hackers claim that the compromised information will be exposed this August 31, although LockBit is not characterized by honoring its word. A few weeks ago, ransomware operators threatened to leak thousands of sensitive records extracted from technology services company Accenture, though this leak never came.

  • Like 1
Posted
38 minutes ago, phetphet said:

I have used both Dashlane and 1Password

Which one do you prefer?

 

I Googled  "promotion code for Dashlane".

Found 50% off.  When I applied it, it noticed my IP address in Thailand's and wouldn't except the code and actually the price went up 30%.

 

I'll try with my VPN.

 

What are you trying next?

 

Any recommendations Appreciated. Its cheaper getting an annual subscription.

 

 

Posted

You'd think the outrageous prices Bangkok Airways charges they'd invest in a good Cyber security team or hire an outside company.

 

Always doing things on the cheap in Thailand.

  • Like 1
Posted
1 hour ago, MrJ2U said:

Which one do you prefer?

 

I Googled  "promotion code for Dashlane".

Found 50% off.  When I applied it, it noticed my IP address in Thailand's and wouldn't except the code and actually the price went up 30%.

 

I'll try with my VPN.

 

What are you trying next?

 

Any recommendations Appreciated. Its cheaper getting an annual subscription.

 

 

Not sure what I will try next. Still investigating.

I like 1Password and have been using it for about three or four years, but from version 8 it is going to be subscription only. I only need it for passwords, not all the other stuff they now bundle it with.

 

Reading reviews on LastPass, KeePassXC, EnPass, Keeper , BitWarden.

 

I might even go back to DashLane if they are offering discounts as it was pretty good.

 

I can't understand why you could not sign up using their discount code. Maybe try another code. Just google dashlane discount codes.

 

Alternatively go to their website and they offer discounts for yearly memberships

https://www.dashlane.com/plans

  • Like 1
  • Thanks 1
Posted (edited)
21 hours ago, phetphet said:

can't understand why you could not sign up using their discount code. Maybe try another code. Just google dashlane discount codes.

It said we noticed your signing up outside of the US.

 

Then it showed a higher price.

 

You can Google  "Promotion Codes for ______" and they'll usually be a lot of discount codes for anything you purchase online.

 

Dashlane has good reviews.  I might just use them after my 30 day free trial expires.

21 hours ago, phetphet said:

 

Nord Pass is having a sale.

 

I use there VPN occasionally.

 

 

Screenshot_20210901-091858.jpg

Edited by MrJ2U
Posted
21 hours ago, phetphet said:

Not sure what I will try next. Still investigating.

I like 1Password and have been using it for about three or four years, but from version 8 it is going to be subscription only. I only need it for passwords, not all the other stuff they now bundle it with.

 

Reading reviews on LastPass, KeePassXC, EnPass, Keeper , BitWarden.

 

I might even go back to DashLane if they are offering discounts as it was pretty good.

 

I can't understand why you could not sign up using their discount code. Maybe try another code. Just google dashlane discount codes.

 

Alternatively go to their website and they offer discounts for yearly memberships

https://www.dashlane.com/plans

Heres there new 50% off code.

 

I'll try it with a VPN.

Screenshot_20210901-092209.jpg

  • Like 1
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...