Last weekend, the Communications And Digital Ministry (KKMM) announced that it has begun looking into the recent cyberattack on budget airline AirAsia. The leak saw the Daixin ransomware group claiming that it had obtained the personal data of five million passengers as well as AirAsia’s employees.
According to minister Fahmi Fadzil, the ministry’s investigation team, consisting of the Department of Personal Data Protection (JPDP) and CyberSecurity Malaysia (CSM), began discussions regarding the incident with Capital A, AirAsia’s parent company, on 1 December. Initial investigations indicate that the company’s server system was indeed accessed by an unauthorised party on 12 November with the potential for data leaks.
[KENYATAAN MEDIA]
ππππππππ πππππππππππ ππππππππππ πππ πππππππ ππ ππππ πππππππ πππππππ πππππππππ ππππ ππππππππ πππππππππ πππ ππππππππππ πππππππ pic.twitter.com/N37gti52Nk
— Kementerian Komunikasi (@komunikasi_gov) December 10, 2022
Following the discussions, Capital A has been instructed to turn over any documents and computerised data related to the case. Fahmi stressed that further investigations will be conducted to track down the source of the breach in addition to assessing the overall impact of the incident.
We won’t know anything else for a while as the minister stated that no further details of the case would be revealed while investigations are ongoing, as to avoid legal implications and disrupting the investigation. Fahmi added that all data usersΒ should constantly monitor and improve aspects of cybersecurity from time to time by ensuring that system infrastructure, databases, and networks are updated and secure.
Daixin, in an interview with DataBreaches.net, said that it actually reached out to AirAsia and received a response. The amount of the ransom wasn’t revealed, though the group mentioned that the carrier had no intention of paying up to delete the data.
Daixin’s representative lamented AirAsia’s disorganised network, stating that they would not repeat the attack due to the chaos and lack of standards. The company confirmed the cyberattack in a statement a few days later but did not disclose how much personal data exactly was stolen.
Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news.