PETALING JAYA: Following investigations into its data breach, Malindo Air says that the data exposure has since been “contained”.
The airline said investigations revealed that a former employee of its e-commerce services provider, GoQuo (M) Sdn Bhd, in its development centre in India had improperly accessed and stolen the personal data of Malindo Air customers.
“The matter has been reported to the police both in Malaysia and India for further action, ” it said in a statement Monday (Sept 23).
Malindo Air added that it has been working with all relevant agencies including the Malaysian Personal Data Protection Commissioner and the National Cyber Security Agency as well as their counterparts overseas.
In the statement, the airline reiterated that the incident was not related to the security of its data architecture or that of its cloud provider, Amazon Web Services.
“Our systems are fully secured and none of the payment details of customers were compromised due to the malicious act.
“Data forensics and cybersecurity experts have also been brought in to review all our existing data infrastructure and processes, ” the airline said.
Malindo Air said it has also initiated an auto-reset of all customer passwords and advised customers to be wary of any suspicious and unsolicited calls or emails.
Customers can email email@example.com for further assistance.