Ransomware attack on AirAsia allegedly compromises the data of 5 million customers and employees
Cybercrime group Daixin Team has leaked confidential data containing confidential information belonging to AirAsia. The massive ransomware attack has reportedly exposed more than 5m records online that are thought to include information on customers and employees. AirAsia is the largest airline in Malaysia, has some 22,000 employees from 60 nationalities and is based out of Kuala Lumpur, where it operates domestically and to more than 165 destinations worldwide. Daixin Team has been the subject of a recent US Cybersecurity and Infrastructure Security Agency alert, reportedly informing DataBreaches on November 19 that they had obtained the personal data of 5m unique passengers and all of the company’s employees. DataBreaches, a website that reports data breach incidents around the world, said it was provided with two .csv files that Daixin Team also provided to AirAsia Group. It said one file contained information on named passengers. The second file contained employee information with numerous fields that included name, date of birth, country of birth, location, date employment started, and even their “secret question” and “answer” for password recovery. Citing a Daixin spokesman, DataBreaches said AirAsia responded to the hack by asking Daixin’s negotiator for an example of the data. After receiving the sample, Daixin said the airline “asked in great detail how we would delete their data in case of payment.” According to reports, AirAsia did not attempt to haggle over the price, which could mean they never intended to pay anything. “Usually everyone wants to negotiate a smaller amount,” the spokesperson told DataBreaches.<br/>
https://portal.staralliance.com/cms/news/hot-topics/2022-11-24/unaligned/ransomware-attack-on-airasia-allegedly-compromises-the-data-of-5-million-customers-and-employees
https://portal.staralliance.com/cms/logo.png
Ransomware attack on AirAsia allegedly compromises the data of 5 million customers and employees
Cybercrime group Daixin Team has leaked confidential data containing confidential information belonging to AirAsia. The massive ransomware attack has reportedly exposed more than 5m records online that are thought to include information on customers and employees. AirAsia is the largest airline in Malaysia, has some 22,000 employees from 60 nationalities and is based out of Kuala Lumpur, where it operates domestically and to more than 165 destinations worldwide. Daixin Team has been the subject of a recent US Cybersecurity and Infrastructure Security Agency alert, reportedly informing DataBreaches on November 19 that they had obtained the personal data of 5m unique passengers and all of the company’s employees. DataBreaches, a website that reports data breach incidents around the world, said it was provided with two .csv files that Daixin Team also provided to AirAsia Group. It said one file contained information on named passengers. The second file contained employee information with numerous fields that included name, date of birth, country of birth, location, date employment started, and even their “secret question” and “answer” for password recovery. Citing a Daixin spokesman, DataBreaches said AirAsia responded to the hack by asking Daixin’s negotiator for an example of the data. After receiving the sample, Daixin said the airline “asked in great detail how we would delete their data in case of payment.” According to reports, AirAsia did not attempt to haggle over the price, which could mean they never intended to pay anything. “Usually everyone wants to negotiate a smaller amount,” the spokesperson told DataBreaches.<br/>
