Logo of Phnom Penh Post newspaper Phnom Penh Post - Lion Air data stolen and leaked by former GoQuo employees

Lion Air data stolen and leaked by former GoQuo employees

Content image - Phnom Penh Post
A Lion Air plane at Soekarno-Hatta International Airport in Tangerang, Banten. THE JAKARTA POST/ANN

Lion Air data stolen and leaked by former GoQuo employees

Malaysia-based airline and Lion Air Group subsidiary Malindo Air has announced the result of its investigation of a data breach that leaked the personal details of some 35 million customers online.

“As a result of the findings, two former employees of [Malindo Air’s] e-commerce services provider, GoQuo Sdn Bhd in its development centre in India, had improperly accessed and stolen the personal data of our customers. The matter has been reported to the police, both in Malaysia and India,” the airlines wrote in a statement on Monday.

The company said it had been working closely with all the relevant agencies, including the Malaysian Personal Data Protection Commissioners, the National Cyber Security Agency, as well as their counterparts overseas.

“Malindo Air is pleased to advise that the data exposure has since been contained,” it added. “Malindo Air wishes to reiterate that this incident is not related to the security of its data architecture or that of its cloud provider Amazon Web Services. All its systems are fully secured and none of the payment details of customers were compromised due to the malicious act.”

Passengers of Batik Air, Malindo Air and Thai Lion Air were shocked when they discovered that their personal details had been posted online sometime in August, according to a cybersecurity research collective, making them vulnerable to various kinds of cybercrime, including identity theft.

The breach was discovered earlier this month by online cybersecurity intelligence collective Under the Breach, which goes by the Twitter handle @underthebreach. The collective posted censored screenshots of Thai Lion Air’s internal data in a brief Twitter thread, showing the sheer scale of the data theft.

The breach has put a spotlight on data protection, which remains a dire concern among businesses in Indonesia, and was also a warning of how fragile data security is in the aviation industry.

Last year, the data of 9.4 million Cathay Pacific passengers were also leaked.

“Cybercriminals will have seen the data breaches affecting other airlines and make the assumption that these are targets worth focusing on, especially considering the sensitive information airlines hold on their customers,” said Aaron Zander, head of IT at HackerOne.

“Leaving a server exposed without any protection is one of the most basic and embarrassing security failings, but still, these breaches continue to happen across the board. When it comes to securing the data of ever more informed consumers, the basics of security need to be covered at a minimum.”

He added that the recent passenger data leak must be used as a lesson for the industry to double down on its security.

“It is also important to remember to check and recheck your security. Modern engineering teams have many people who can improve your infrastructure and security, but equally as many people can make a mistake. Continued testing and checks help keep everyone’s data safe, especially your customers,” he said.

THE JAKARTA POST

MOST VIEWED

  • ‘Education’ a priority traffic-law penalty

    A top National Police official on June 21 neither rejected nor confirmed the authenticity of a leaked audio message, which has gone viral on social media, on a waiver of fines for a number of road traffic-related offences. General Him Yan, deputy National Police chief in

  • Pursat Ford assembly plant opens

    The Kingdom’s first Ford assembly plant was inaugurated on June 16 in Pursat province amid rising demand for brand-new vehicles among Cambodians. The facility is seen as a game changer for the domestic automobile industry, which could bring a wave of investors seeking to cash

  • Volunteer scheme to foster ‘virtuous’ humanitarian spirit

    A senior education official said volunteer work contributes to solidarity and promotes a virtuous humanitarian spirit among the youth and communities. Serei Chumneas, undersecretary of state at the Ministry of Education, Youth and Sport, made the comment during the opening of a training programme called “

  • Siem Reap’s $18M zoo said to educate public, help wildlife

    Angkor Wildlife and Aquarium Co Ltd has invested $18 million in a zoo in Siem Reap province, which will be opened in October to educate and promote animal conservation as well as attract national and international tourists. Currently, the Angkor Wildlife and Aquarium is building the

  • Angkor photo rules clarified

    The Apsara National Authority (ANA) denied that it had banned the use of camera tripods in the Angkor Archaeological Park, explaining that the confusion stemmed from a long-standing rule which required commercial photographers and videographers to apply for permission to film. The explanation followed a

  • $50B infrastructure plan en route

    The government’s upcoming $50 billion,10-year infrastructure master plan will provide tremendous investment opportunities for domestic and foreign entities, transport experts and economists say. Minister of Public Works and Transport Sun Chanthol revealed the plan to Japanese ambassador to Cambodia Masahiro Mikami on June 15. At