Etihad Airways is investigating a potential data breach after an anonymous source sent Gulf News personal details of “around seven thousand individuals from Etihad’s loyalty programme”.
The data breach is believed to have been caused by a third party that worked with the airline in 2013 to run a promotional campaign.
The leaked data includes:
– Email addresses
– Phone numbers
– IP addresses
Etihad has assured its customers that the data breach “does not include sensitive or financial information, and presents no threat to the security of Etihad Guest member’s accounts.”
An Etihad spokesperson told Gulf News that “It also appears this information was misappropriated from a marketing vendor involved in a promotional campaign in 2013. As a consequence, Etihad Airways is considering all its legal options as a matter of priority.”
EmailCiti founder Khaled Jabasini confirmed that the leaked personal details came from a promotional website that EmailCiti had built for Etihad in 2013.
Etihad Airways is no longer working with EmailCiti.
Securing the supply chain
This breach further highlights the threat posed by insecure third parties. I’ve previously spoken to IT Governance’s founder and executive chairman, Alan Calder, about the supply chain:
“Organisations are only as secure as their weakest link. Alongside your own security efforts, it’s vital that you ensure your supply chain is equally secure. An attack on a single link in a supply chain can have devastating effects further down the line.”
Article courtesy of Lewis Morgan – http://www.itgovernance.co.uk/blog
To find out how BLACKMORE RICOTECH can manage your secure IT disposal, get in touch. Call 0800 880 3678 today
If you would like to be kept up to date with changes to Data Protection or WEEE legislation, together with other important information that could affect your business, why not subscribe to our newsletter service? Rest assured, we will not share your information with anyone else and you can unsubscribe at any time. To stay informed, simply enter your email address and click the SUBSCRIBE button.