Malindo Air Identifies Employees Who Caused the Data Breach

Malaysian airline, Malindo Air, recently confirmed two of its employees were involved in the data breach. The security breach compromised the information behind millions of Malindo Air and Thai Lion Air passengers.

The suspects responsible for the breach are two former employees working for GoQuo, a Malaysian e-commerce services provider. The two former employees reportedly worked at the company’s development center in India, states ZD Net. Both of the former workers of the company supposedly “improperly accessed and stole” the personal information of customers.

Malindo refrained from naming the two suspects involved in the case.

Following the massive incident, Malindo Air immediately reported the incident to both the Indian and Malaysian authorities. The airline is currently working with is the Malaysian Personal Data Protection Commissioners and the National Cyber Security Agency (NACSA). The airline also enlisted the help of local police officers to gain more traction on the investigation.

The carrier also continues to work with important agencies to identify the root of the problem.

Information released to the public include names, dates of birth, passport numbers, and mobile phone numbers, say ZD Net. Some parts of the affected services were up on the Dark Web for sale, said Kaspersky.

A cybersecurity firm, Kaspersky, informed the carrier days after it found out about the leak through online forums and discussions. Malindo Air only made the breach last week. In total, the number of affected individuals reached approximately around 30 million, reports Straits Times.

Despite having its data stolen by its staff workers, the Malaysia-based airline emphasizes that its systems are fully secured. Moreover, authorities and spokespersons from the company maintain that financial information and credit data remain secure. Malindo reveals that the third-party provider is not connected with its server using Amazon Web Services.

In light of the recent events, the company also reset customer passwords to prevent attackers from obtaining relevant information. Customers of the company are also enjoined to call the firm should suspicious activity affect their accounts. Unsolicited phone calls, emails, and other forms of communication should be reported to authorities.

Experts working with the airline are supposedly reviewing their “existing data infrastructure and processes.”

Affected clients can air their concerns and receive feedback. Passengers may call the customer care hotline at (60)3-7841 5388 from 8 am to 10 pm daily. Individuals may also contact the airline via its email address.

While numerous news sites tried reaching GoQuo, the company’s telephone numbers remained inaccessible.