Malaysia Airlines has suffered a data breach that may have compromised personal information of members of its frequent flyer program Enrich. The airline started emailing members of Enrich this week stating that it was informed of a data security incident at one of its third-party IT service providers which involved some flyers' personal data.
According to the company, the incident occurred between the period of March 2010 and June 2019, but it did not affect Malaysia Airlines’ IT infrastructure and computer systems.
The personal data that may have been compromised during the incident included Enrich members names, date of birth, gender, contact details, frequent flyer number, frequent flyer status, and frequent flyer tier level. The company states that the affected information did not include any data about itineraries, reservations, ticketing, or any ID card or payment card information.
Malaysia Airlines said that it has no evidence that the data was being misused, however, it advised Enrich members to change their accounts’ password as a security measure.
At the time of writing this article, the airline has yet to release official statement regarding the alleged data leak.