Transport

Airline Identifies Ex-Employees for Data Theft

17 – 24 September 2019

Malaysian-based airline, Malindo Air, has blamed its e-commerce service provider for a data theft incident.
Cyber_News_Transport

Malaysian-based airline, Malindo Air, has blamed its e-commerce service provider for a data theft incident that exposed the personal details of around 30 million passengers. The exposed databases, which included passengers' passport details, addresses and phone numbers, were first discovered in darknet market forums.

Investigations revealed that the leak originated from Malindo’s e-commerce service provider, GoQuo. Two former employees at GoQuo’s development centre in India had accessed and stolen the personal data without authorisation. Malindo Air has also clarified that the incident is not related to the security of cloud service provider Amazon Web Services. 

 

References:

Malindo Air Says Data Leak Caused by Ex-Staffers at Contractor Firm

Malaysia's Malindo Air Confirms Passenger Data Breach

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Systems Integration

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence