Air Asia Suffers Major Data Breach One of Asia’s most popular airlines. Air Asia, suffered from a massive data breach this past month, potentially exposing. The data of hundreds of thousands of users. The airlines have started contacting customers to let them know what options they have going forward.. Let’s take a look at what happened, and how you can protect yourself from experiencing the same thing next time.
Details of the data breach
On Tuesday, October 16th Air Asia announced a data breach that occurred on Monday morning. Use of an unapproved party led to the breach. USB device to transfer files between two computers. The files contained the personal information of passengers including names, passport numbers, flight details and contact information. . AirAsia has stated that they will be notifying all affected customers with more information about the incident in accordance with the General Data Protection Regulation (GDPR).
How many individuals were impacted?
Data breaches are becoming more and more common. with the hacking of well-known businesses like Target and Sony. Air Asia is the latest company to suffer a data breach, which could affect as many as 700 of its customers. The breach happened when an unauthorized person gained access to the airline’s reservation system. Information on the customer, including names, email addresses, card details, and payment card numbers.
How did the breach happen?
A third-party vendor was responsible for the AirAsia Group data leak. Which the company outsourced its operations. The vendor’s security practices were breached. Malicious actors stole information from approximately two million passengers.
The stolen information includes names, dates of birth, nationalities, passport numbers, credit card numbers, and other personal details.
The airline has quickly reassured its customers that no passwords or travel itineraries have been compromised in the breach.
In an effort to protect themselves against further breaches of this nature. They will be implementing stricter security measures in the future. When it comes to using third-party vendors for outsourcing their operations.
Air Asia’s response to the breach
We have informed the police and relevant authorities. We are also conducting a thorough investigation and will take all necessary steps to protect our customers’ data.
Our initial investigations suggest that there was no unauthorized access to any customer data. We are continuing to investigate this incident and will provide more information as soon as we can.
This incident highlights the risk of cyber threats, which is why AirAsia takes cyber security very seriously.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.