CEBU Pacific yesterday confirmed its reward platform GetGo encountared an unauthorized access to application server Wednesday evening prompting them to launch a probe.
“Cebu Pacific confirms that there was an unauthorized access to a GetGo application server last night. This server has been secured. We can also confirm that credit card information was not stored on that server,” Cebu Pacific said in a statement.
“As a precaution, we have temporarily disabled log-in using GetGo credentials to the cebupacificair.com website and mobile app, both of which remain secure,” it added.
As a result, all GetGo online channels have also been temporarily disabled as authorities continue to investigate the matter.
“We have informed the National Privacy Commission, and are working with them on the investigation,” added the airline.
Meanwhile, in a tweet, hackers’ group Pinoy LulzSec claimed responsibility for the breach.
“Large data breach coming from GetGo to (Cebu Pacific). Active directory is life,” the Pinoy LulzSec account tweeted Wednesday evening.
With Jerry S. Tan