Asiana Airlines' customer database left unsecured since 2013

/ Korea Times file

Login records between Jan. 2013 and Aug. 2014 cannot be retrieved


By Park Si-soo, Lee Han-soo

Asiana Airlines' website server for the FAQ section has been left unsecured since January 2013, Korea Communications Commission (KCC) investigators said.


Previously, the nation's second-largest airline claimed only customer data entered since May 2015 had been vulnerable. Asiana issued the statement with that date following a report by The Korea Times on its compromised web security, which revealed an estimated 47,000 private documents of customers were improperly protected from unauthorized web access.

In line with its internal rules, the company had been deleting login records on the server between January 2013 and August 2014, making it impossible to trace server activity during the period.

Asiana and investigators from the KCC and the Korea Internet and Security Agency (KISA) said there were only two IP addresses -- one from The Korea Times and the other from a computer expert living overseas who informed the newspaper of the breach -- that extensively accessed the exposed data saved on the server during the retrievable period.

The airline ruled out the possibility that any of the unsecured data was accessed by anyone with malicious intent.

"We have found no suspicious traces of activities on the server after August 2014, but my concern is what happened before then," said a KCC official.

The two regulators are focusing their investigation on 47,023 private documents of passengers saved during the retrievable period. But they are left helpless when it comes to investigating the "deleted period" that could have contained more documents than those retrievable, as the vulnerable documents and any visitor IP addresses have both since been deleted.

"The FAQ section reopened in 2013 after a renovation and it has been left unsecured since then," said the KCC official. "This means the website was relaunched with critical loopholes."

The unprotected information includes citizen resident numbers, passport information, home addresses, bank account details, phone numbers and family relations records. The exposed data belongs to Koreans and foreigners who traveled or will travel using Asiana or its affiliated airlines, such as United Airlines, Lufthansa, Thai Airways, Singapore Airlines and Scandinavian Airlines, among others.

Regarding suspicions that maliciously minded insiders could have intentionally left the security loopholes unplugged, an investigator said, "If that were the case, they would have targeted Asiana's main server containing information about millions of passengers."

It will take a couple of months for the ongoing investigation to be completed, said investigators.

Meanwhile, Asiana has beefed up its website security following the Times' report and issued a letter of apology to nearly 100 passengers whose private documents were accessed by this newspaper. The Korea Times has deleted all documents it downloaded during a pre-reporting exploration of the server.

Park Si-soo pss@koreatimes.co.kr

