Moscow-based cybersecurity firm Kaspersky has denied producing a report on the recent Lion Group data leak, which affected Malindo Air and Thai Lion Air. The allegation that Malindo Air's statement followed a report by Kaspersky about the airlines' data breach and that Kaspersky had said part of the leaked databases were up for sale on the dark web was reported by several media outlets such as Reuters and CNA. The Business Times, which has re-published the news from Reuters, has since updated the article with an amendment to reflect Kaspersky's clarification.
In a statement to A+M, a Kaspersky spokesperson said it had sent an alert to its Kaspersky Security Cloud users in Thailand and Malaysia on 13 September, two days after information about the Malindo Air and Thai Lion Air data breach went public. The alert aims to notify users of the breach and ask them to treat incoming emails, text messages, and calls with additional caution. It was done via Security News, a in-product component used to rapidly inform Kaspersky's users about important cybersecurity-related news emerging in the public domain.
However, the spokesperson said that Kaspersky has "never produced a report or any other specific intelligence" on the Lion Group airlines data leak and added that the information was earlier reported by Under the Breach twitter channel.
[A+M's PR Asia will come to Malaysia this November, gathering together some of the finest minds, including Kaspersky, to explore the exciting and developing world of digital PR. Join us for a series of exclusive case studies, interactive and thought-provoking discussions at PR Asia on 20 November in Kuala Lumpur, Malaysia. Register now.]
On 18 September, Malindo Air said in a statement on Facebook that it is currently investigating a data breach that saw the personal data of some of its passengers hosted on a cloud-based environment being compromised. The airline added that it has put in place adequate measures to ensure that the data of its passengers is not compromised, and it does not store any payment details of our customers in our servers and are compliant with the Payment Card Industry Data Security Standard.
Besides notifying the various authorities, both locally and abroad, including CyberSecurity Malaysia, Malindo Air said it is also engaging with independent cyber crime consultants to investigate the matter. As a precautionary measure, the airline advised passengers who have Malindo Miles accounts to change their passwords if identical passwords have been used on the other services online.