AirAsia ransomware attack: Probe ongoing to find source and impact of compromised data, says Fahmi


PETALING JAYA: Investigations are ongoing to find the source of the ransomware attack that compromised the personal data of five million passengers and all employees of AirAsia, says Fahmi Fadzil.

The Communications and Digital Minister said the ministry viewed the incident seriously, with personal information belonging to the airline’s passengers and staff being breached by hacker group Daixin Team.

ALSO READ: AirAsia allegedly hit with ransomware attack, data of five million passengers and employees reportedly compromised (Updated)

“The investigation team from the ministry comprising the Personal Data Protection Department and CyberSecurity Malaysia has started its probe by having discussions with Capital A Bhd, the company that runs AirAsia on Dec 1.

“Early investigations show that the cyberattack on the AirAsia server on Nov 12 was caused by an unpermitted access into the system.

“This led to the ransomware attack which could potentially cause a data leak,” Fahmi said in a statement on Saturday (Dec 10).

Following the discussion with Capital A, the company was ordered to produce related documentation and evidence from the incident to assist in the probe.

“Further investigations are still ongoing to identify the source of the attack as well as the impact caused by the incident.

“However, details of the case cannot be revealed to the public for the time being while the probe is still underway to avoid any legal complications,” Fahmi added.

ALSO READ:Curb data leaks with heavier penalties’

In the meantime, the minister urged all data users to always be on alert and beef up cybersecurity from time to time to ensure the safety of their databases and digital infrastructure.

“I also hope data users will outline cybersecurity policies and make sure these moves are followed as preventive measures against potential intrusions by irresponsible parties,” he said.

ALSO READ: Over 800,000 Malaysians' personal data with photos, allegedly stolen from MySPR site, being sold for about RM9,000

On Nov 23, it was reported that the personal data of five million passengers and all employees of AirAsia were compromised by the Daixin Team, with the group claiming responsibility for the ransomware attack.

Reports said some of the personal data included passenger IDs, full names and booking IDs, as well as employee details like photos, secret questions and answers (likely for account recovery), nationality and date of birth.

AirAsia has previously addressed the incident in an announcement made via the Bursa Malaysia website, stating that “the cyberattack was on redundant systems and did not affect our critical systems” and that it had “taken all measures to immediately resolve this data incident and prevent such future incidents”.

Get 20% OFF The Star Digital Access

Monthly Plan

RM 13.90/month

RM 11.12/month

Billed as RM 11.12 for the 1st month, RM 13.90 thereafter.

Best Value

Annual Plan

RM 12.33/month

RM 9.87/month

Billed as RM 118.40 for the 1st year, RM 148 thereafter.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Nation

Pahang cops seize over RM700,000 worth of drugs in Bentong
Thin wire identified as cause of minor explosion LRT Kelana Jaya line
Cops to propose tougher penalties for driving under influence offences
121 lorry drivers among those nabbed after testing positive for drugs in integrated operation
Sabah tipper lorry operators protest exclusion from diesel subsidy
Selangor Sultan thanks Anwar and Najib for LRT3, hits out at Guan Eng and Tony Pua
AGC 'no' to bid for withdrawal of assault charge by woman who tried to hug Perak Ruler
AKPS facing manpower shortage, only 54% have accepted new service scheme
Malaysia, Australia forge strategic defence partnership on rocket, missile technology
Sabah's biodiversity blueprint plays key role in global conservation efforts, says CM

Others Also Read