Malaysian Airlines has suffered a data security “exploit” that imperiled personal information that belongs to the members of its frequent flyer programme, Enrich. The contravention is claimed to have occurred at a point during a period that stretches almost a decade and involved a third-party service provider of IT.
This airline had issued an email to Enhance all members this week, affirmed that it was notified of a “data security breach” at the third-party supplier of IT. The airline’s breach involved “some of the personal data” and had occurred at some time in between March 2010 and June 2019, it affirmed , adding that those details included the names of the members, date of birth, contact information , and various frequent flyer data such as numbers, status, and level of tier.
Traveling data such as schedule , reservation , ticket booking and ID card, and also payment details were not under breach , as per Malaysian Airlines. IT infrastructure or systems of it’s own also were not affected, the conveyor said.
It had noted that there was no evidence that any personal data had been mistreated and that the breach did not exploit any passwords of the accounts, though it coerced the Enrich members to change their account passwords as a precautionary act.
In one of the several such reactions the national carrier announced: “The data security breach incident occurred at our third-party service provider of IT and not in Malaysian Airline’s computer systems. However, the airlines is monitoring any type of suspicious activity.
It recapitulated its stance that there was no indication that the breach impacted any of the account’s passwords, but advised it’s members to change their passwords as a preventive measure.