Malaysia Airlines says it suffered a data security ‘incident’ that somehow went unnoticed for nine years.
It compromised data of Enrich frequent flyer members but the airline said there is ‘no evidence’ any personal data had been misused.
It apparently went undetected from March 2010 to June 2019.
Data compromised included members’ name, date of birth, contact information, and various frequent flyer data such as tier level and account number.
It didn’t impact any payment information or ID card information, the airline said.
The breach came via a third-party IT service provider.
"The data security incident occurred at our third-party IT service provider and not Malaysia Airlines’ computer systems. However, the airline is monitoring any suspicious activity concerning its members’ accounts and in constant contact with the affected IT service provider," it said.
















