Malindo Air data leak blamed on contractor firm’s ex-staffers
The Malaysian subsidiary Malindo Air of the Indonesian Lion Group said its e-commerce contractor’s two former employees had been responsible for its violation of passenger records.
Last week, Malindo Air reported the violation after the Kaspersky Lab in Moscow said in a document that information of about 30 million Malindo passengers and another Thai Lion Air subsidiary had been posted in online forums.
Kaspersky said that some of the leaked servers had been sold on the dark web.
Malindo Air said in a statement that two former e-commerce provider GoQuo employees had “imperfect access and stolen our customers ‘ data” at their development centre in India.
The airline claimed that the data infringement has been detected since then and that it has been identified in Malaysia and India to the police.
Malindo Air also said the infringement was not connected to the safety of the software infrastructure of the Amazon Web Services cloud service provider, and none of its customers ‘ payment information was compromised.