Hanoi, Vietnam – Vietnam Airlines has confirmed that a portion of its customer data was accessed without authorization following a data breach at a global technology partner that operates a third-party customer service platform. The airline stated it is one of several global companies impacted by the incident involving the service provider.
The breach exposed several categories of personal information for an undisclosed number of the airline’s customers, including full name, email address, phone number, date of birth, and Lotusmiles membership number.
Vietnam Airlines assured customers that critical and sensitive data—such as payment information, passwords, travel itineraries, Lotusmiles balances, and passport details—remains secure. Furthermore, the airline’s internal IT systems were not affected by the breach.
Upon being alerted to the security incident, Vietnam Airlines stated it immediately coordinated with relevant authorities, cybersecurity experts, and the third-party partner to launch an investigation, contain the unauthorized access, and assess the potential impact.
In an email communication to customers, the airline “sincerely regrets any concern this incident may have caused.” The company “affirmed its commitment to keeping potentially affected customers informed with relevant updates as the investigation continues.”
The company is recommending that affected customers take immediate steps to protect themselves:
- Change the passwords for their Lotusmiles account and any associated email accounts.
- Remain vigilant against potential phishing attempts or suspicious communications impersonating Vietnam Airlines.
- Avoid sharing sensitive information, such as one-time passcodes (OTPs) or login credentials, with unverified sources.
