KUALA LUMPUR: Malindo Air is investigating a recent compromise with the personal data of Malindo Airways passengers stored on “a cloud-based environment”, says Malindo Air in a statement Wednesday (Sept 18).
Meanwhile, the company assures customers that it does not store the payment details of its customers in its servers, and is compliant with the Payment Card Industry Data Security Standard (PCI DSS).
Passengers who have Malindo Miles accounts are advised by the company to change their passwords, if identical passwords have been used on other online services.
“Our in-house teams, along with external data service providers, Amazon Web Services (AWS) and GoQuo, our e-commerce partners, are currently investigating this breach.
“We are in the midst of notifying the various authorities, both locally and abroad, including CyberSecurity Malaysia.
“Malindo Air is also engaging with independent cybercrime consultants to investigate and report this incident," Malindo Air said in the statement.
The company added that it has put in adequate measures to ensure that the data of its passengers are not compromised, in line with the Malaysian Personal Data Protection Act 2010.
“We will continue to provide further updates through our website, mobile and social media platforms, ” it said.
Did you find this article insightful?