BANGKOK, 30 August 2021: Bangkok Airways confirms it fell
victim to a cybersecurity attack, 23 August, resulting in authorised and
unlawful access to its information system that could comprise passenger data
privacy.

As a preventative measure, the airline recommends passengers
contact their bank or credit card provider and follow their advice and change
any compromised passwords as soon as possible. 

In addition, passengers should be cautious of any suspicious
or unsolicited or emails, as the attacker may be claiming to be authorised by
Bangkok Airways and may attempt to gather personal data by deception (known as
‘phishing’).

The airline in a press statement at the weekend, reassured
passengers and its loyalty programme members that its cybersecurity team had
immediately initiated an investigation and introduce damage control measures.

In its statement, the airline said it is currently, the
company is investigating to verify the extent of the compromised data and how
it affected passengers, as well as taking relevant measures to strengthen its
IT system.

The airline confirmed the initial investigation “appeared to
confirm that some of the personal data may have been accessed including
passenger name, family name, nationality, gender, phone number, email, address,
contact information, passport information, historical travel information,
partial credit card information, and special meal information. It did not
extend to the company’s operational or aeronautical security systems.

Bangkok Airways has reported the incident to the police as
well as providing notification to the relevant authorities linked to cyber
security matters.