KOCHI:
Kochi based cyber security and big data startup, ‘Technisanct’ exposes the data breach of Malindo Air. Personal information which includes Passport details, contact details, addresses, email Id’s and reservation Id’s of about 30 million customers were revealed on various data exchange forums.
The security breach was recognised by Technisanct’s flagship product ‘Integrite’ which continuously monitors and identifies cyber risks including data breaches, credential leakage, phishing sites, privacy issues, misinformation of brands etc. In addition to Malindo Air information pertaining to passengers of Thai Lion Air and Batik Air has also been compromised.
The breach in data was identified by ‘Integrite’ while running the tool to diagnose threats for few of the company’s clients. The violation was recognised on August 12, 2019 by the company authorities though it was not revealed until September 2nd, to evaluate the authenticity of the information. The company officials approached Malindo Air through social media platforms regarding the data breach but the team was reluctant to reply. Later leaked data were made available on hacker forums like mega.nz, openload.ac and through Telegram for 5 to 10 dollars and few on credit basis. Nandakishore Harikumar, CEO of Technisanct Technologies intimated the issue to the CEO of Malindo Air, Chandran Rama Muthy and forwarded a detailed report of the breach on September 11th, 2019. Unfortunately, no further actions were taken until the media started reporting the issue. It is assumed that the data has been leaked out from an external vendor of the company.
“In Asia most of the brands are least aware about the cyber security culture. I believe in Asia except for Singapore none of the countries are conscious about their data and there is no system in place to protect the data of the customers. Unlike Asia, Europe has General Data Protection Regulation (GDPR) for all individual citizens and a single data leak can cost the brand a hefty fine. I strongly believe cyber security should an essential criterion in the development strategy of a brand to avoid such breaches in future”, says Nandakishore Harikumar, CEO of Technisanct Technologies
