Cebu Pacific Air’s rewards program GetGo was hacked earlier today by Pinoy LulzSec. In a statement released on their official Twitter account, the notorious hacking group warned that a “large data breach is coming”.

Led by kangk0ng, Pinoy LulzSec defaced the webapi subdomain of GetGo and hinted that they managed to access the active directory of the organization including its parent company – the low-cost airline Cebu Pacific.

GetGo was quick to take down the defaced page but the group secured a mirror copy as evidence of their attack.

As of this writing, Pinoy LulzSec has yet to announce when are they going to release more details about the supposed ‘data breach’.

The group also tagged the National Privacy Commission’s (NPC) official Twitter account to call the airline’s attention and issue a breach notification.

This article will be updated as soon as we get new developments about this news.

**Updates**

April 25, 2019 – Cebu Pacific Air released an advisory confirming the unauthorized access that happened in their GetGo application server. The said compromised server does not contain any credit card information. The company has since applied the necessary security measures.

April 25, 2019 – NPC also released a press statement detailing the initial reports sent by Cebu Pacific to their office.

Fjordan Allego
Follow me

Related Posts:

By Fjordan Allego

Fjordan Allego aka Fjordz is an IT security practitioner in the Philippines. He maintains a couple of blogs where he shares his views on various topics that he finds interesting. A self-confessed introvert who's mostly active in social media, Fjordz also loves to travel and explore the wonders of the world.

One thought on “Pinoy LulzSec hacks CebPac’s GetGo; warns large data breach”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.