MANILA — The initial findings of the National Privacy Commission showed that no data of Filipinos were compromised in the reported massive ransomware attack on the regional airline AirAsia.

The agency conducted a probe when AirAsia submitted a breach notification on November 20 through the NPC’s Date Breach Notification Management System.

In a statement, AirAsia Philippines said it has strengthened its cybersecurity system. The breach did not affect their operations in the Philippines.

"Capital A (AirAsia Group), after an attempted ransomware attack recently, is reinforcing its cybersecurity system. It’s business as usual in AirAsia Philippines. We are working closely with the National Privacy Commission on the aforementioned incident. Our company has added rigorous precautionary measures to prevent incidents like this from happening again," AirAsia Philippines said in a statement.

AirAsia Philippines said no sensitive data, such as passwords or financial information, were compromised.

The ransomware attack has reportedly exposed more than 5 million records online that are thought to include information on customers and employees.

DataBreaches, a website that reports data breach incidents worldwide, disclosed that AirAsia fell victim to a ransomware attack.

Hackers using spyware allegedly obtained the personal data of 5 million unique passengers and airline employees.

The data obtained include passengers’ names and employee details such as date of birth, location, and date of employment started.

In September 2022, the personal information of Philippine Airlines (PAL) Mabuhay Miles members was exposed in a data leak.

The flag carrier airline said it demanded its third-party service provider to improve its cybersecurity features.

RELATED VIDEO

Watch more News on iWantTFC