In March 2019, Malindo Air suffered a data breach that compromised the passenger records of over 45 million of its customers. While the airline (which has since been renamed Batik Air following the pandemic) announced that it had successfully contained the leak in September 2019, the consequence of the cybersecurity issue was only known today, that the leaked data was spotted on an online forum known for selling personal data.
As shared by @xanda on Twitter, it appears that the compromised database surfaced on an online forum named clear net. Passenger records leaked from 2019 contain sensitive information such as email addresses, dates of birth, physical addresses, passport numbers and phone numbers.
Malindo Air (a Malaysian airline) database dump posted on clear net. The database contains email addresses, dates of birth, physical addresses, passport numbers and phone numbers; claimed to have been raped in 2019 pic.twitter.com/MVKlYtDREN
—Adnan (xanda) Mohd Shukor (@xanda) September 5, 2022
During the cybersecurity incident in 2019, an organization called Specter claimed that there were those responsible for the leak. In response to the incident, Malindo Air initiated an automatic reset of all customer passwords and warned them to beware of suspicious emails and calls.
Fortunately, the data leak did not affect the credit card and bank details of more than 45 million Malindo Air customers. However, leaked sensitive information can still be used for other malicious purposes.
So what do you think of the whole incident? Share your thoughts with us in the comments below and stay tuned to TechNave for more trending tech news!