Security News > 2021 > March > Malaysia Airlines discloses a nine-year-long data breach
Malaysia Airlines has suffered a data breach spanning nine yearsof data that exposed the personal information of members in its Enrich frequent flyer program.
Starting yesterday, Malaysia Airlines began emailing members of their Enrich rewards program to disclose that they were affected by a data breach.
According to Malaysia Airlines, the breach occurred at a third-party IT service provider who notified the airline that member data was exposed between March 2010 and June 2019.
"Malaysia Airlines was notified of a data security incident at one of its third-party IT service providers which involved some personal data of members of Enrich, Malaysia Airlines' Frequent Flyer Programme between the period of March 2010 and June 2019. The incident did not affect Malaysia Airlines' own IT infrastructure and systems in any way."
While Malaysia Airlines says that no passwords were exposed and there is no evidence of misuse, the airline recommends that users change their passwords anyway.
Update 3/4/21: Updated to clarify that the data spanned 9 years.
News URL
Related news
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Texas Tech University System data breach impacts 1.4 million patients (source)
- Ireland fines Meta $264 million over 2018 Facebook data breach (source)
- New fake Ledger data breach emails try to steal crypto wallets (source)
- Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts (source)
- 46% of financial institutions had a data breach in the past 24 months (source)
- UN aviation agency investigating possible data breach (source)
- Washington state sues T-Mobile over 2021 data breach security failures (source)
- Largest US addiction treatment provider notifies patients of data breach (source)
- STIIIZY data breach exposes cannabis buyers’ IDs and purchases (source)