Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

Malaysia Airlines reported suffering a data breach compromising information belonging to members of its frequent flyer program. It is believed that the breach occurred roughly nine years ago. The airline has notified its members by email that the breach took place at its third-party IT supplier. Cybersecurity experts reacted below on the danger of third-party partners and why it took so long for the airline to detect the breach.

Subscribe
Notify of
guest

6 Expert Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Brad Keller
Brad Keller , JD, CTPRP, CTPRA, Chief Strategy Officer
InfoSec Expert
March 10, 2021 8:56 am

<p>While this information may seem fairly benign, it serves as the basis for establishing an individual’s identity on any number of other systems. Thus, it can be used to create fraudulent accounts, it can be leveraged to gain unauthorized access to existing accounts, and it can be used to create phishing activity targeted at these individuals. The phishing implications cannot be overlooked, as the better an attack is able to target an individual using real information, the more successful it will be.</p>

Last edited 1 year ago by Brad Keller
James McQuiggan
James McQuiggan , Security Awareness Advocate
InfoSec Expert
March 3, 2021 2:52 pm

<p>Within society, any time we provide any information about ourselves to another organization, there is an expected level of privacy. When data is provided to organizations for reward programs, the possibility of that organization being attacked and having data stolen is a risk.</p> <p> </p> <p>Within an organization\’s robust security program, along with a layered defense within the network and environment for the protection of sensitive information, it is essential to conduct red team or pen testing exercises. This activity provides the opportunity to discover weaknesses and take corrective actions to reduce the risk of an attack. </p> <p> </p> <p>When working with third-party organizations for providing services, it is vital to conduct the necessary audits and periodic reviews to ensure that the third party is not the weakest link in your security chain.</p>

Last edited 1 year ago by James McQuiggan
Nikos Mantas
Nikos Mantas , Incident Response Expert
InfoSec Expert
March 3, 2021 2:49 pm

<p>It is extremely concerning that a data security incident belonging to one of the world’s major airlines has gone completely unnoticed for this length of time. Data security should be a priority for all organisations today and scanning for threats across all systems, both inhouse and third-party, is essential, especially when they hold confidential customer information. The most important thing for Malaysia Airlines to do now is communicate everything it knows about the attack to customers and shareholders and try to establish the full impact of how many customers were affected and what data was put at risk. Transparency is key in this situation.</p>

Last edited 1 year ago by Nikos Mantas
David Sygula
David Sygula , Senior Cybersecurity Analyst
InfoSec Expert
March 3, 2021 2:43 pm

<p>The Malaysia Airlines breach is further proof that addressing data breaches that occur outside the corporate firewall is vital to managing your third-party risk. As more organisations turn to cloud providers for everything from infrastructure to apps, to support employees, save money and enable digital transformation, they are expanding their attack surface exponentially.<u></u><u></u></p> <p> </p> <p>Organisations must constantly scan for leaked documents outside the enterprise perimeter, including connected storage, open databases, cloud applications and the Dark Web to uncover confidential and sensitive data quickly, before it is exploited.</p>

Last edited 1 year ago by David Sygula
Sam Curry
Sam Curry , Chief Security Officer
InfoSec Expert
March 3, 2021 2:37 pm

<p>Unfortunately, the Malaysia Airlines breach is a reminder how many more strides need to be made before we can put all defenders on higher ground from the cyber attackers. It isn\’t acceptable to hear that the airline thinks the breach could have happened sometime between 2010-2019. Total transparency is needed and they need to hone in on more specific details and be completely transparent with Enrich members. I guarantee members were shocked, as I was, to hear that their personal information has been in the wild for more than nine years. It is beyond unacceptable. In the short term, Enrich members need to stay on top of their credit reports, check their bank statements regularly and frequently update their passwords. For Malaysia Airlines, they can come out of this either the hero or the villain. They can\’t be the victim. I suggest the hero by being honest, open and transparent about the immediate remediation steps they are taking and the preventative measures they are putting in place to protect Enrich members in the future.</p>

Last edited 1 year ago by Sam Curry
Information Security Buzz
6
0
Would love your thoughts, please comment.x
()
x