Philippine low-cost carrier Cebu Pacific confirmed there was “unauthorized access” on its rewards app GetGo’s server, prompting a temporary shutdown which has since been secured.
The airline said in a statement: “Cebu Pacific confirms that there was an unauthorized access to a GetGo application server last night. This server has been secured… As a precaution, we have temporarily disabled log-in using GetGo credentials to the cebupacificair.com website and mobile app, both of which remain secure.”
Following the discovery of the breach, Cebu Pacific has alerted the Philippines’ National Privacy Commission (NPC), and the extent of the breach is being determined. As of 0900H Friday (Philippine Time), the GetGo website is currently down with a message saying the site is “undergoing maintenance.”
Cebu Pacific’s GetGo program is the airline’s lifestyle/frequent flyer program that also includes members to earn and points for future travel with debit and credit cards. The airline also added that this information was not compromised.
The GetGo program recently launched a new mobile app for travelers to manage reward travel/redemption earlier this month. Since its launch in 2015, it has a reported 4 million active members and the number of affected accounts has not been determined.