Customer data leak: Vietnam Airlines speaks up and takes corrective measures

The airline confirmed that sensitive information such as passwords, credit cards, flight itineraries and passports were not affected.

On the morning of October 14, 2025, Vietnam Airlines officially announced the possibility of a customer data leak related to the online customer care platform operated by a global technology partner.

Vietnam Airlines announces security incident and sincerely apologizes to customers.

According to the national airline, the affected data includes full names, email addresses, phone numbers, dates of birth and Lotusmiles membership numbers.

More sensitive information such as passwords, credit cards, flight itineraries, passports and Lotusmiles account balances are “still securely protected and unaffected,” the company asserted.

The incident occurred in the context that on October 10, 2025, more than 23 million data records from many businesses, including Vietnam Airlines, were being sold on online forums.

Vietnam Airlines said it is working closely with authorities, cybersecurity experts and technology partners to investigate the cause, assess the scope of impact and deploy measures to protect customer data.

To minimize risks for users, the company recommends that customers should "change their Lotusmiles account passwords and associated emails, be wary of fake scams, suspicious emails or calls impersonating Vietnam Airlines", not share personal information or OTP codes, and avoid logging into unauthenticated systems.

Previously, Vietnam Airlines experienced a similar incident about 8 years ago, when data of more than 400,000 Golden Lotus member accounts was leaked.

The company confirmed that its internal technology systems were operating normally and were not attacked.

Source: https://doanhnghiepvn.vn/doanh-nhan/ro-ri-du-lieu-khach-hang-vietnam-airlines-len-tieng-va-dua-bien-phap-khac-phuc/20251015050201242