itb-nz logo
Story image

Air NZ faces data breach after staff accounts phished

09 Aug 2019

Air New Zealand has suffered a data breach after two of its staff accounts were phished.

The carrier advised customers that while Airpoints loyalty accounts were not accessed, some information relating to membership profiles may have been visible on internal documents.

It sent out an email this afternoon advising customers of the breach.

The email also stated that credit card details and Airpoints passwords were not affected.

The breach comes on the back of UK airline carrier British Airways being hit with a US$230 million fine by a privacy watchdog for failing to protect its customers’ data in 2018.

Data compromised in that hack included login details, payment information, travel booking information, and addresses and affected anyone who booked a flight through the British Airways website over a two-week period.

In total, that came up to approximately 380,000 accounts.

The fine sets a tough precedent, making airline carriers realise they are targets for cyber-attacker for the customer information they hold, and that authorities expect them to take full responsibility for securing that data.

Air New Zealand loyalty and customer direct regional general manager Jeremy O’Brien says the company has secured the two affected staff accounts and are conducting a thorough investigation on the event.

“We’re also focused on further hardening our security processes to help prevent any similar incidents from happening in the future.”

He encouraged customers to be on the lookout for phishing emails over the next few months, reminding them that they will never ask for credit card details or login information in an email.

The company also included the following tips on how to spot phishing emails:

Phishing scams can be very sophisticated.

If your personal information was exposed in this recent incident, it could possibly be used to create authentic-looking hoax emails.

They could include your name and your Airpoints number, for example.

Please be cautious of emails that:

  • Appear to be from Air New Zealand, but are not from one of our mailing addresses which usually end in, or
  • Make urgent appeals for fast action
  • Ask you to make an online payment
  • Include attachments that may contain viruses
  • Contain links to sites that are malicious or unsavoury

If the email seems to be from someone you trust but is asking you to make an unusual financial transaction, call or text the real sender to check.

If you think you have been sent a phishing email, delete it immediately.

For more information on phishing emails visit CERT NZ, the New Zealand Government’s cybersecurity advisory service, or Netsafe NZ.

Story image
From 1G to 5G: How innovations in cellular have shaped our lives
As we look to the present decade from 2020 onwards, 5G will be at the forefront. The race for 5G is not about merely deploying new infrastructure, but getting the first-mover advantage in who can build and take the leadership role in the host of new applications and services that 5G will enable.More
Link image
GoTo & Microsoft Teams: A winning collaboration
Every tool has a purpose, and with the latest integration users can now maximise productivity by choosing the right meeting solution for the task at hand.More
Link image
Data is an organisation's most significant asset - here's how to protect it
Data resilience strategies are becoming more crucial as more value is ascribed to a company's data. If it's not stored securely and cost-effectively, expect problems.More
Download image
Network functions virtualisation: What is is, how to use it, and why it matters
Network functions virtualisation (NFV) is fast becoming the go-to method of simplifying corporate networks from planning, through deployment and management.More
Story image
New Relic recruits former Qlik, Delphix execs to boost A/NZ team
"We are absolutely thrilled to have two very seasoned executives join us at New Relic as we help customers chart and execute on their plans for digital delivery and cloud services."More
Story image
Accenture invests US$3 billion into cloud migration initiative
Accenture Cloud First is a new multi-service group of 70,000 cloud professionals that brings together Accenture’s industry, technology capabilities and ecosystem partnerships.More