Malindo Air urging clients to change passwords due to data leak

Malino Air informs its clients about a massive data breach involving millions of people

Malindo Air, a subsidiary of Lion Air, experiences a breach incident during which personal data is put up for sale on Dark Web markets

Malindo Air has recently made a Twitter post regarding a data breach. The company has been urging its clients to change old passwords immediately and promised to keep all people updated.^[1] Malindo Air is a Malaysian airline that is owned by Lion Air Group. It was founded in 2012 and is using Boeing 737-800, Boeing 737-900ER, and ATR 72-600 aircrafts for transporting its passengers.^[2]

It seems that the organization experienced a data breach that involves millions of people whose data was exposed to online forums. The total number of passengers touched by the incident is exceeding 30 million. However, this huge number of victims consists not only of Malindo Air clients but also of people who have been using Thai Lion Air services. Thai Lion Air is another subsidiary of Lion Air Group that has also got involved in the data theft.

Exposed details are including passport information, phone numbers, and addresses

According to the company's report,^[3] the exposed data was held on a cloud and included personal information such as passport details, residence addresses, and mobile phone numbers. Gladly, Malindo Air does not keep any particular data about payment services and transfers, so credentials seem to be safe after the incident:

We also do not store any payment details of our customers in our servers and are compliant with the Payment Card Industry (PCI) Data Security Standard (DSS).

The timing of the data breach still remains a question for cybersecurity experts. However, researchers have discovered that someone posted a related hyperlink to an active AWS bucket on the 10th of August. Furthermore, leaked back up files contained data about Malino Air's loyalty and booking services. What is more, the latest backup (from the time of May 25th) included the name of “Payment Gateway.” Also, specialists found that some exposed information was offered for purchase on the Dark Web.^[4]

The MCMC has been notified about the incident

The Malaysian Communications and Multimedia Commission has been informed about the incident, and an investigation is still in process. Malindo Air is looking forward to informing its passengers about anything new related to the incident. Additionally, the company is about to employ a particular security organization that will complete a comprehensive analysis regarding the breach.^[5]

If you are a client of Malindo Air Malaysian airlines, you are highly encouraged to change your online account's password for protection purposes. Additionally, change your passwords on other accounts if you have been using the same password here.

Unfortunately, various airlines have always seemed to very attractive to bad actors. For example, there was a massive data in Air Canada involving around 20,000 people. The users of Air Canada Mobile App were informed about the breach that included information such as passport data, living addresses, phone numbers, emails, etc.^[6] In the meanwhile, exactly one year ago, British Airways announced the data breach affecting 380,000 transactions. The company was fined for £183m for failing to keep users' data safe as the General Data Protection Regulation (GDPR) requires.