9-year Malaysia Airlines breach gave attackers lots of time to misuse data

9-year Malaysia Airlines breach gave attackers lots of time to misuse data

A Boeing 737-800 jet from Malaysia Airlines. (Md Shaifuzzaman Ayon, CC BY-SA 4.0, via Wikimedia Commons)

Now departing: your airline customer data.


Malaysia Airlines faces the daunting task of investigating over nine years’ worth of compromised data after learning of a “data security incident” at a third-party IT service provider that exposed Enrich frequent flyer program member data from March 2010 through June 2019.


Airline loyalty program data is a popular target among cybercriminals. And a breach that lingers undetected for nearly a decade would have granted any potential attackers plenty of time to leverage such information to commit a host of scams and phishing schemes and to steal and sell victims’ flyer miles. However, Malaysia Airlines claims that so far there is no evidence of data misuse.


“Airlines are a rich source of information, with a big supply of passenger name records that are used to share information between booking systems, global distribution systems and hotels,” said Andrew Barratt, managing principal of solutions and investigations at Coalfire. “Airlines in general are a high-profile target, with loyalty data that can be easily monetized.” Payment information can also be compromised, as was seen in the British Airways breach.


In this particular instance, the compromised data include name, contact information, date of birth, gender, frequent flyer number, membership status, and rewards tier level. Malaysia Airlines’ own internal IT infrastructure was not impacted. Travel details, payment info and passwords were not compromised, although customers are still advised to change their login credentials.


“On the surface, this data seems less likely to cause damage to the consumer. However, this stolen data forms a part of the c ..