KUALA LUMPUR, March 2 — National carrier Malaysia Airlines informed members of its frequent flyer programme Enrich that there had been a “data security incident” at one of its third-party IT service providers.
According to the airlines, the incident happened between a nine-year-period from March 2010 to June 2019.
However, the company did not disclose the number of members affected.
“The personal data involved in the incident included Enrich member names, date of birth, gender, contact details, frequent flyer number, frequent flyer status and frequent flyer tier level.
“It did not include any information about itineraries, reservations, ticketing, or any ID card or payment card information.
“The incident did not affect Malaysia Airlines’ own IT infrastructure and systems in any way,” it said in the emailed statement to Enrich members.
Checks showed the statement was not available on the airlines’ official website nor its social media platforms.
Malaysia Airlines added that it has no evidence that the data was being misused, however, it advised Enrich members to change their accounts’ password for safety reasons.
It further advised members to contact its data privacy officer and said it would not be calling them to update their personal details.