TOKYO--Japan Airlines Co. said it has become the latest target
of hackers, with the information of up to 750,000 customers
possibly stolen.
The airline confirmed Monday it has found evidence of
unauthorized access to its Customer Information Management System
due to a virus attack on computer terminals within its network. The
personal data of JAL Mileage Bank members are stored in the
system.
The data that may have been leaked include the names, genders,
birth dates, addresses, email address and places of work of JAL's
mileage program members.
The airline said there is no indication that the members"
passwords or credit card numbers have been stolen.
JAL found out about the leak as it conducted an investigation
into incidents where its customer information system responded too
slowly on Sept. 19 and 22.
It said personal data of approximately 190,000 customers are
suspected to have been stolen on the two days. Of those, a maximum
21,000 pieces of data were likely to sent to "a malicious external
server," which the company hasn't been able to identify except that
it is located in Hong Kong.
JAL said the data breach may have already begun Aug. 18, which
means up to information on 750,000 customers could have been leaked
in the worst case scenario.
While JAL's information systems have never been hacked before,
it wasn't the first time for a Japanese airline to become the
target of illegal system access.
In March, All Nippon Airways Co., JAL's domestic rival, saw 11
cases where flight mileage credits of its customers were exchanged
for gift codes for Apple Inc.'s iTunes store without the users"
authorization. The company said that no personal data were stolen
at that time, though it hasn't determined how the incidents
occurred.
"We are taking necessary measures and have blocked the ability
for all computers with access to the affected system to connect to
external networks," JAL said in a statement.
"Based on findings of our investigations, we will take all
possible countermeasures," it added.
Write to Megumi Fujikawa at megumi.fujikawa@wsj.com
Subscribe to WSJ: http://online.wsj.com?mod=djnwires
