Personal data of an expected 15 to 20 thousand Dutch people who flew with Malaysian airline Malindo Air are currently being offered for sale on a surface web hacker forum. Phone numbers and passport details, among other things, have been captured and are being traded.
If you’ve flown with Malaysian Malindo Air in recent years, chances are your data is currently for sale online. On a well-known hacker forum, a forum member tries to sell a database containing the data of millions of travellers. About 15 to 20 thousand Dutch people are involved in the hack, but also Belgians, Germans and New Zealanders. It is likely that many more nationalities are involved.
What data is involved?
Various flight and personal data were stolen during the hack. Per passenger this includes:
- Passenger ID
- Passenger type (adult, child, infant)
- Salutation (Mr., Ms., Dr., etc)
- First Name
- Last name
- phone number
- Passport number
- Passport issue date
- Passport Expiration Date
- Date of birth
- Country where the passport was issued
The fact that the stolen personal data is now distributed via a hacker forum makes data subjects vulnerable to identity theft and targeted phishing attacks.
VPNGids.nl has gained access to a sample with Dutch data (as well as samples with German, Belgian and Australian data) via the relevant hacker forum. Analysis of the flight numbers has led us to conclude that the airline is Malindo Air. Our team has approached some of those involved to verify the authenticity of the data. All persons we spoke to confirmed that the telephone numbers belonged to them and that they have flown with Malindo Air in recent years. None of the people we spoke to were aware that their data had been leaked. They have not been contacted by Malindo Air.
Our editors have checked whether it is a recent hack. Closer inspection of the current data set suggests that this may be data that was already captured in 2019 and is now reappearing in the criminal circuit. The seller himself claims that it is a hack from 2021, but that is questioned. After discovery, our editors notified the airline and pointed out that the leaked database has been offered on the hacker forum since this week, as part of responsible disclosure.
[text continues below the photo]
The complete dataset, containing data from more than 60 million people worldwide, is currently for sale for five thousand dollars. We could already see German data for three hundred dollars.
Malindo Air previously hacked
Malindo Air is a Malaysian airline that is part of Thai Lion Air. This airline flies between Kota Kinabalu, Kuala Lumpur and Penang. In 2019, Malindo Air was the victim of a major cyberattack in which passenger data was stolen en masse.
Malindo Air promised to release more information through their social media at the time. A search of the Twitter account proves otherwise: no further updates appear to have been shared with the general public. However, press releases have been published on the corporate blog. This explains that personal data has been leaked through the actions of an internal employee.
The airline has a somewhat tumultuous history when it comes to hacks and cybercrime. Malindo Air’s Twitter account was hacked in 2013. The Twitter hacker joked at the time that the company would give away 100,000 tickets.
Catch up on more articles here
Follow us on Twitter here