Days since MCO

MCO started on Mar 18, 2020


Days till RMCO lifted

RMCO expected to lift on Aug 31, 2020


Our coverage on COVID‑19

Malindo Air passengers’ info exposed after airline hit by critical data breach

In breaking news, a massive data breach has hit subsidiaries of Lion Air, including Malaysian airline, Malindo Air. Details leaked include phone numbers, home addresses, and passport information, with the compromised information being leaked onto data exchange forums recently.

Malindo Air CEO Chandran Rama Muthy has confirmed the breach, and says that the company is looking into the matter, while an ongoing investigation involves the Malaysian Communications and Multimedia Commission (MCMC). In addition to that, Malindo will also be enlisting the help of cybersecurity experts in conducting a full forensic analysis of the leak.

But it’s not just Malindo Air passengers who have had their data exposed. The breach also involves data from Thai Lion Air, with Indonesian-based Batik Air potentially compromised as well.

What actually happened?

In essence, the files containing the relevant data were stored in a public cloud storage service: Amazon. A person/organisation known only as Spectre, who runs a site on the dark web that publishes leaked documents and data, posted the data on a variety of platforms—including Telegram, and other hosting sites such as Openload.

The leaked files were then discovered by cybersecurity consultant, Nandakishore Harikumar, during a routine operation for another client. However, when trying to contact Malindo Air, he received “no response”.

“While assessing a few of them we found that Spectre’s website had a new dump which belonged to Malindo Airlines. We accessed the dump, verified the data and understood that it contained sensitive information. We assessed the severity and tried to understand where all the data was on sale.”

The leaked data was basically segmented into 4 files: 2 from Malindo Air and 2 from Thai Lion Air. These files were called “Passengers” and “Passenger Details”, and they contained sensitive information from passengers including dates of birth and passport numbers.

SEE ALSO:  Kids can fly and stay for free with Malaysia Airlines' latest promo

In a statement to SCMP, CEO Chandran Rama Muthy revealed that the breach was discovered last week:

“We found out about this breach last week. We and a third party vendor are checking as we speak, and will come up with a statement soon. We will advise passengers accordingly as per the investigation outcome.”

Currently, Malindo Air has 800 flights travelling weekly to over 40 destinations, with the Malaysian-based airline operating out of the Kuala Lumpur International Airport (KLIA) and the Sultan Abdul Aziz Shah Airport.

Thanks for the tip, @memeranglaut!