Search This Blog

Showing posts with label Malaysia Airlines. Show all posts

Malaysia Airlines hit by ‘Data Security Incident’

 

Malaysia Airlines has educated Enrich frequent flyer individuals of a “data security incident” via a third-party IT service provider, demanding the breach avoided the national carrier’s core IT infrastructure and systems. The airline had conveyed an emailer to Enrich members this week, expressing it was informed of a "data security incident" at the third-party IT supplier. The breach included "some personal data" and happened sometime between March 2010 and June 2019, it said, adding that these details incorporated members name, date of birth, contact data, and different frequent flyer information like number, status, and tier level. 

Travel information like schedules, reservations, ticketing, and ID card, just as payment details were not compromised, as indicated by Malaysia Airlines. Its own IT infrastructure or systems likewise were not influenced, the carrier said. It noticed that there was "no proof" that any personal information had been abused and the breach didn't uncover any account passwords, however, it encouraged Enrich members to change their passwords as a safety measure. The airline likewise guided clients to pose any questions they may have directly via email to its data privacy officer. 

At press time, Malaysia Airlines presently couldn't seem to make a public statement on the security breach or post a notice on its website. It did, in any case, seem to affirm the incident on Twitter in its answers to clients. In one of a few such responses, the national carrier said: “The data security incident occurred at our third-party IT service provider and not Malaysia Airlines' computer systems. However, the airline is monitoring any suspicious activity concerning its members' accounts and in constant contact with the affected IT service provider to secure Enrich members' data and investigate the incident's scope and causes." 

 The announcement comes less than a month after revelations that software utilized by Singtel was “illegally attacked by unidentified hackers”, accessing file-sharing system FTA via third-party vendor Accellion. As per the telecommunications giant, the breach affected a “standalone system” which is utilized to share data internally as well as with external stakeholders. 

 “This is an isolated incident involving a standalone third-party system,” a statement from Singtel read at the time. “Our core operations remain unaffected and sound.”