LIPAD issues statement on alleged CRK data breach

Advisory, NEWS

LIPAD issues statement on alleged CRK data breach

By TVN
August 15, 2024
No Comments

Luzon International Premiere Airport Development Corporation (LIPAD), operator of Clark International Airport (CRK) has issued an official statement to assure the public, particularly the passengers. That the data and information security of CRK are “intact and safe from possible gray areas.”

Upon receipt of the report, LIPAD immediately activated network security protocols and investigation and has confirmed that:

𝟭. 𝗧𝗵𝗲 𝘄𝗲𝗯𝘀𝗶𝘁𝗲 𝗰𝗹𝗮𝗿𝗸𝗶𝗻𝘁𝗲𝗿𝗻𝗮𝘁𝗶𝗼𝗻𝗮𝗹𝗮𝗶𝗿𝗽𝗼𝗿𝘁.𝗰𝗼𝗺 𝗱𝗼𝗲𝘀 𝗻𝗼𝘁 𝗰𝗼𝗻𝘁𝗮𝗶𝗻 𝗮𝗻𝘆 𝗱𝗮𝘁𝗮 𝗰𝗼𝗹𝗹𝗲𝗰𝘁𝗶𝗼𝗻 𝗳𝗲𝗮𝘁𝘂𝗿𝗲𝘀 𝗮𝗻𝗱 𝗮𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻𝘀. 𝗠𝗼𝗿𝗲𝗼𝘃𝗲𝗿, 𝘁𝗵𝗲𝗿𝗲 𝗶𝘀 𝗻𝗼 𝗱𝗮𝘁𝗮 𝗿𝗲𝗽𝗼𝘀𝗶𝘁𝗼𝗿𝘆 𝗮𝘀𝘀𝗼𝗰𝗶𝗮𝘁𝗲𝗱 𝘄𝗶𝘁𝗵 𝘁𝗵𝗲 𝘀𝗮𝗶𝗱 𝘄𝗲𝗯𝘀𝗶𝘁𝗲.

𝟮. 𝗟𝗜𝗣𝗔𝗗 𝗮𝗻𝗱 𝗖𝗥𝗞 𝗵𝗮𝘃𝗲 𝗻𝗼 𝗮𝗰𝗰𝗲𝘀𝘀 𝘁𝗼 𝗽𝗮𝘀𝘀𝗲𝗻𝗴𝗲𝗿 𝗱𝗮𝘁𝗮 𝗰𝗼𝗹𝗹𝗲𝗰𝘁𝗲𝗱 𝗳𝗼𝗿 𝗴𝗼𝘃𝗲𝗿𝗻𝗺𝗲𝗻𝘁 𝗿𝗲𝗴𝘂𝗹𝗮𝘁𝗼𝗿𝘆 𝗰𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝗰𝗲 𝘄𝗵𝗶𝗰𝗵 𝗮𝗿𝗲 𝘀𝘁𝗼𝗿𝗲𝗱 𝗶𝗻 𝗟𝗼𝗰𝗮𝗹 𝗣𝗿𝗶𝘃𝗮𝘁𝗲 𝗡𝗲𝘁𝘄𝗼𝗿𝗸𝘀 𝗼𝗳 𝗲𝗮𝗰𝗵 𝗿𝗲𝗴𝘂𝗹𝗮𝘁𝗼𝗿𝘆 𝗮𝗴𝗲𝗻𝗰𝘆.
𝟯. 𝗖𝗼𝗻𝗰𝗲𝗿𝗻𝗲𝗱 𝗴𝗿𝗼𝘂𝗻𝗱 𝗵𝗮𝗻𝗱𝗹𝗶𝗻𝗴 𝗮𝗴𝗲𝗻𝗰𝘆 𝗰𝗼𝗻𝗳𝗶𝗿𝗺𝘀 𝘁𝗵𝗲𝗿𝗲 𝗶𝘀 𝗻𝗼 𝗱𝗮𝘁𝗮 𝗯𝗿𝗲𝗮𝗰𝗵 𝗼𝗻 𝘁𝗵𝗲𝗶𝗿 𝗗𝗮𝘁𝗮 𝗦𝘁𝗼𝗿𝗮𝗴𝗲 𝗦𝗲𝗿𝘃𝗲𝗿 𝘄𝗵𝗶𝗰𝗵 𝗶𝘀 𝗖𝗹𝗼𝘂𝗱 𝗵𝗼𝘀𝘁𝗲𝗱. 𝗔𝗰𝗰𝗲𝘀𝘀 𝗶𝘀 𝗿𝗲𝘀𝘁𝗿𝗶𝗰𝘁𝗲𝗱 𝘁𝗼 𝘂𝘀𝗲𝗿𝘀 𝘄𝗶𝘁𝗵𝗶𝗻 𝘁𝗵𝗲 𝗼𝗿𝗴𝗮𝗻𝗶𝘇𝗮𝘁𝗶𝗼𝗻 𝗼𝗿 𝗱𝗼𝗺𝗮𝗶𝗻.

LIPAD also said that, “Apart from the aforementioned Network Security protocols, we have our Active Firewall redundancy in place capturing and securing the LIPAD Network from external threats, risks and malicious attacks.”

While no irregularities have been found in its network security, LIPAD says that the firm takes the allegation seriously and that they are still actively monitoring the situation to ensure the security and privacy of all concerned.

LIPAD stated that is is in constant communication with its stakeholders (airlines, ground handling service providers, government agencies) who are likewise processing and storing personal information and sensitive personal information to guarantee that their respective information and communications systems, especially those which are relevant to CRK’s passengers and clients, are also protected and secured.

LIPAD likewise gives the assurance that “all information processed through our systems are duly stored and protected in accordance with the law, including but not limited to the Republic Act No. 10173, also known as the “Data Privacy Act of 2012.”, and that “Measures are duly implemented to prevent any data security incidents or breaches.”