Back in a week, Malindo confirmed it has been hit by a massive data breach. During this data breach activity, millions of passengers personal information have been leaked. Information such as passport details, home addresses, and phone numbers has been leaked on the Internet. A week after, Malindo has provided its customers with its findings over the incident.
From its findings, Malindo says the data exposure has been contained. According to the independent security firm which Malindo hires, confirms two ex-employees of its e-commerce services provider GoQuo (M) Sdn Bhd are the main culprit. These employees are the development team from India. They had accessed to Malindo Air cloud server and stole the personal data of its passengers.
Malindo has reported it to both its counterparts in Malaysia and India. Now, Malindo Air is working closely with the relevant agencies including the Malaysian Personal Data Protection Commissioners and the National Cyber Security Agency (NACSA) as well as their counterparts overseas.
At this moment, Malindo also confirms none of its passenger payment details has been compromised. Besides that, Malindo firmly says that this data breach incident has nothing to do with its data architecture or its Amazon Web Services cloud provider. It strongly says the whole system is fully secure as it is.
For precaution steps, Malindo Air has also initiated auto-rest of all its customer’s passwords. If you receive any kind of suspicious calls from Malindo, you can reach out to its customer care via email; firstname.lastname@example.org.
Source – Malindo Air