Malindo Air is currently investigating a data breach in which the personal data of some of its passengers, hosted in a cloud-based environment, was compromised. According to a statement on its Facebook page, the airline said its in-house teams are looking into the matter alongside external data service provider Amazon Web Services and its eCommerce partner GoQuo.
The airline added that it has put in place adequate measures to ensure that the data of its passengers is not compromised, in line with the Malaysian Personal Data Protection Act 2010. It added:
“We also do not store any payment details of our customers in our servers and are compliant with the Payment Card Industry Data Security Standard.”
It is also in the midst of notifying the various authorities, both locally and abroad, including CyberSecurity Malaysia. Malindo Air is also engaging independent cybercrime consultants to investigate and report on this incident. As a precautionary measure, the airline advised passengers who have Malindo Miles accounts to change their passwords if identical passwords have been used on other online services.
Meanwhile, Malindo Air added that it will continue to provide further updates through its website, mobile and social media platforms.
According to Channel NewsAsia, a report by cybersecurity firm Kaspersky Lab said that details of approximately 30 million passengers of Malindo Air and Thai Lion Air, also a subsidiary under Lion Group, were posted in online forums. The report added that the leaked information comprised passengers' passport details, addresses and phone numbers. A+M has reached out to Thai Lion Air for comment.
Recently, Astro experienced a data breach resulting in its customers’ MyKad data being compromised. According to the company, there was “unauthorised access” to details such as name, NRIC number, date of birth, gender, race and address. However, it clarified that less than 0.2% of its consumers are affected and that it is in the process of informing them. Astro also said that the incident was immediately addressed and that it had stopped the unauthorised access.