I agree with Mr Francis Cheng that a law is needed to require companies to report data breaches ("Plug data breaches before hackers strike"; Tuesday).

I have recently been through such an experience.

In March, I booked four tickets through the Singapore Airlines website for travel to London on Aug 12.

When I tried to check in for my flight on Aug 10, I was unable to do so and found, to my horror, that the booking had been cancelled.

SIA's investigations revealed that my booking had been cancelled on Aug 9. But it was unable to trace the culprit, as the IP address belonged to an Internet service provider (ISP) based in Indonesia.

Apparently, the hacker changed my e-mail address, which was why I did not get any notification regarding this cancellation.

The hacker had also tried to update my passport details.

SIA's officer told me that the police were unable to proceed any further as the ISP is in Indonesia.

I am deeply concerned that this could have escalated into a terrorist attack, if our seats had been compromised by someone with ill intent. Our country and the reputation of our airline are also at stake.

There is every possibility that the hacker will attempt to do this again, if we do not pursue this incident.

Since this issue has national implications, I urge the authorities to review the case and take measures to track down the hacker through diplomatic channels.

Passengers should also play it safe and not share any flight booking numbers on social media.

Chris Lim Hong Buay (Madam)