3 March 2021

Malaysia Airlines warns Enrich members of ‘data security incident’ spanning nine years


Malaysia Airlines warns Enrich members of ‘data security incident’ spanning nine years

Malaysia Airlines has suffered a data breach that may have compromised personal information of members of its frequent flyer program Enrich. The airline started emailing members of Enrich this week stating that it was informed of a data security incident at one of its third-party IT service providers which involved some flyers' personal data.

According to the company, the incident occurred between the period of March 2010 and June 2019, but it did not affect Malaysia Airlines’ IT infrastructure and computer systems.

The personal data that may have been compromised during the incident included Enrich members names, date of birth, gender, contact details, frequent flyer number, frequent flyer status, and frequent flyer tier level. The company states that the affected information did not include any data about itineraries, reservations, ticketing, or any ID card or payment card information.

Malaysia Airlines said that it has no evidence that the data was being misused, however, it advised Enrich members to change their accounts’ password as a security measure.

At the time of writing this article, the airline has yet to release official statement regarding the alleged data leak.

Back to the list

Latest Posts

Chinese hackers reportedly behind hundreds cyber attacks in Japan

Chinese hackers reportedly behind hundreds cyber attacks in Japan

The attacks targeted nearly 200 companies and organizations in Japan, including the country's space agency and defence firms.
20 April 2021
Lazarus APT has found a clever way to conceal its malicious code

Lazarus APT has found a clever way to conceal its malicious code

The hacker group is now using BMP images to drop its RAT.
20 April 2021
Reuters: Hundreds of customer networks breached in Codecov supply-chain attack

Reuters: Hundreds of customer networks breached in Codecov supply-chain attack

Hackers have used Bash Uploader to gain access to hundreds of networks belonging to the company’s customers.
20 April 2021