Malaysia Airlines (MAS) has alerted its customers about a data security breach that involved some personal details of its Enrich members, spanning across an extensive period of about nine years.
“Malaysia Airlines was notified of a data security incident at one of its third-party IT service providers, which involved some personal data of members of Enrich, Malaysia Airlines’ Frequent Flyer Programme between the period of March 2010 and June 2019. The incident did not affect Malaysia Airlines’ own IT infrastructure and systems in any way,” explained the national carrier in an email to its customers.
According to MAS, the personal data that was compromised in the incident included Enrich members’ names, date of birth, gender, contact details, frequent flyer number, frequent flyer status, and frequent flyer tier level. Information regarding their itineraries, reservations, ticketing, ID cards, and payment cards was not included in the breach.
MAS also emphasised that it had no evidence of any personal data being misused as a result of the breach. Additionally, the incident did not disclose any account passwords.
“We are, nevertheless, encouraging Enrich members to change their account passwords as precautionary measure,” it said, adding that MAS will not be contacting members with regard to updating their personal information via telephone calls.