No financial information accessed during the intrusions

Sep 26, 2014 10:07 GMT  ·  By

The computer network of Japan Airlines (JAL) has been subject to an attack from an unknown party that managed to extract various details of between 110,000 and 750,000 members of the company’s frequent flyer club.

Last week on Friday and at the beginning of this week, system administrators at JAL detected several unauthorized intrusions on machines used for storing and administrating customer information.

The type of information accessed by the attacker(s) consists of names, addresses and places of work of the clients enrolled in the loyalty program for frequent flyers, which offers benefits in the form of various discounts to tickets, free class upgrade, or for the purchase of in-flight sales items.

Stolen info sent to server in China

According to Japan Times, the investigation initiated as a result of the intrusion detection revealed that a total number of 23 computers had been infected with malware that sent data to a server located in Hong Kong.

However, this does not mean that the perpetrator(s) are Chinese, since they could be located in any part of the world, controlling the server from afar.

The company informs that the attack may have started as early as August 18, the customer information being exposed for a little over a month.

Japan Airlines could not identify a risk to financial information stored on their infrastructure, saying that there was no evidence that credit card numbers and/or passwords were leaked. Furthermore, no fraudulent transactions were reported.

Reaping the benefits of airline miles

Stealing airline miles may not seem like a very lucrative business, but cybercriminals have a solution for turning into profit just about any sort of protected information.

They could be selling the miles to other travelers, who can then purchase airplane tickets at lower prices. On the same note, some airlines offer free flights to different destinations in the world.

However, the most straightforward way to cash in on those miles is to transfer or sell them through brokerage services specifically created for this purpose.

Japan Airlines has its own Mileage Bank that can be used. A service that is currently suspended, but will be resumed at an unknown date, consists in redeeming miles for Amazon gift cards.

The intrusion is believed to have occurred through email messages containing malicious attachments. Opening such an attachment would initiate the infection and compromise the computer.

Japan Airlines has contacted the Tokyo police and is working to repair the damage.