Airline Identifies Ex-Employees for Data Theft
Malaysian-based airline, Malindo Air, has blamed its e-commerce service provider for a data theft incident that exposed the personal details of around 30 million passengers. The exposed databases, which included passengers' passport details, addresses and phone numbers, were first discovered in darknet market forums.
Investigations revealed that the leak originated from Malindo’s e-commerce service provider, GoQuo. Two former employees at GoQuo’s development centre in India had accessed and stolen the personal data without authorisation. Malindo Air has also clarified that the incident is not related to the security of cloud service provider Amazon Web Services.
References:Malaysia's Malindo Air Confirms Passenger Data Breach
More Weekly Cyber Newsanalysis and insights
Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.
Ensign Systems Integration
Architecting and implementing cybersecurity solutions that bolster defences
Ensign Managed Security Services
Managing your security operations for advanced threat detection, continuous monitoring, and triage services