Malindo Air Data Breach Update



PETALING JAYA, Sept 23 – Further to the earlier updates into the data breach, Malindo Air is pleased to advise that the data exposure has since been contained.

As a result of the findings, two former employees of its e-commerce services provider, GoQuo (M) Sdn Bhd in their development centre in India had improperly accessed and stole the personal data of our customers. The matter has been reported to the police both in Malaysia and India.

Malindo Air has been working closely with all the relevant agencies including the Malaysian Personal Data Protection Commissioners and the National Cyber Security Agency (NACSA) as well as their counterparts overseas.

Malindo Air wishes to reiterate that this incident is not related to the security of its data architecture or that of its cloud provider Amazon Web Services. All its systems are fully secured and none of the payment details of customers were compromised due to the malicious act.

As a forward proactive measure, data forensics and cyber security experts have been brought in to review all the airline’s existing data infrastructure and processes.

At the same time, Malindo Air has also initiated auto-reset of all customer passwords and cautioned customers to be wary of any suspicious and unsolicited calls and emails. Customers can reach out to [email protected] for further assistance.