Malindo Air today said the data exposure of its customers that was leaked online recently has been contained.

Its chief executive officer Mushafiz Mustafa Bakri said two former employees of its e-commerce services provider, GoQuo (M) Sdn Bhd, at its development centre in India, had improperly accessed and stole the personal data of Malindo Air customers.

“The matter has been reported to the police both in Malaysia and India,” he said in a statement today.

Malindo Air said it has been working closely with all relevant agencies, including the Malaysian Personal Data Protection commissioners and the National Cyber- Security Agency (Nacsa) as well as their counterparts overseas.

“We wish to reiterate that this incident is not related to the security of our data architecture or that of our cloud provider, Amazon Web Services.

“All Malindo Air's systems are fully secured and none of the payment details of customers were compromised due to the malicious act,” Mushafiz said.

As a forward proactive measure, data forensics and cybersecurity experts have been brought in to review all its existing data infrastructure and processes, he added.

“We have also initiated auto-reset of all customer passwords and would like to caution our customers to be wary of any suspicious and unsolicited calls and e-mails,” he said. - Bernama