Airline Passengers’ Personal Info Posted Online, Malindo Says Rogue Vendor At Fault

An Individual on Twitter claimed that the data that was breached in 2019 has been uploaded to the internet.

Subscribe to our Telegram channel for the latest stories and updates.

In September 2019, the database of a Malaysian airline was leaked onto the internet. The database is said to have been compromised in 2019, and it includes people’s phone numbers, email addresses, dates of birth, addresses, passport numbers, and identification card numbers.

This situation was already tense back in 2019. But when someone brought up the subject again on Twitter, things went from bad to worse.

A Twitter user posted a screenshot of an email he received regarding the data being uploaded onto an online forum.

Malindo Air (a Malaysian airline) database dump published in clear net. The database contains email addresses, dates of birth, physical addresses, passport numbers and phone numbers; claimed to be breached in 2019 pic.twitter.com/MVKlYtDREN
— Adnan (xanda) Mohd Shukor (@xanda) September 5, 2022

A total of 45 million customers were affected by this issue, and Malindo Air received backlash for not prioritising the customer’s safety. There have been reports regarding stolen money as well as receiving of suspicious messages.

Padan la senang sangat orang kena scam and kena hack nowadays. This is crazy. https://t.co/a69B6UMeW8
— Nina | Coway | Shop with Nina (@ninapaiz) September 6, 2022

https://twitter.com/rikahimechan/status/1566972747456323584?s=20&t=yDSi2oujn27obf3RaZGIMw

A few individuals have commented on how insufficient Malaysian data protection is. This is a highly concerning problem as Malaysians receive spam frequently and it must not be normalised.

Ex-employees caused the Malindo data breach.

According to NST, Malindo Air stated that two former workers of an e-commerce contractor were responsible for the breach of passenger data.

Malindo Air stated in a statement that two former workers of e-commerce services provider GoQuo (M) Sdn Bhd’s development center in India “illegally accessed and stole our customer’s personal information.”

The airline said that the data breach has been contained and that Malaysian and Indian authorities have been alerted in 2019.

Share your thoughts with us via TRP’s Facebook, Twitter, and Instagram.