Bots

#TECH: Five million passengers and employees data from AirAsia allegedly compromised due to ransomware attack

KUALA LUMPUR: About five million passengers, including employees' data belonging to AirAsia, AirAsia Indonesia and AirAsia Thailand were allegedly compromised from a ransomware attack by the Daixin Team ransomware group.

The attack, which allegedly took place on Nov 11 and 12, 2022, was initially reported by DataBreaches.net, after being informed by the threat actors from the ransomware and data extortion group.

According to DataBreaches, a site that reports data breaches incidents worldwide, it was provided with two .csv files which the Daixin Team also shared with AirAsia Group.

The compromised data were said to contain the passengers' information such as their IDs, full name, booking ID, etc (1st file) and employee information with fields such as photos, secret questions and answers, birth city, etc (2nd file).

The Daixin Team has been under the radar of The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Department of Health and Human Services (HHS), and the agencies have also released a joint Cybersecurity Advisory (CSA) to provide information on the "Daixin Team", which is actively targeting US businesses, mainly in the Healthcare and Public Health (HPH) Sector, with ransomware and data extortion operations.

Daixin's spokesperson said AirAsia responded to the attack, but did not negotiate the amount, which suggests that they didn't intend to pay.

It is also not known the amount Daixin Team has asked from AirAsia to provide a decryption key and to delete all the data they had taken.

The ransomware group said AirAsia Group network's chaotic network and the absence of any standards has caused its team to not repeat their attacks.

However, the hacker group stated that it did not lock up critical files related to flying equipment as part of its avoidance of encrypting or destroying anything that could be life-threatening.

After the recent cybersecurity attacks hitting Malaysia in the past year, the country has been facing several incidents of data theft, such as personal data theft of 22.5 million people from a national registry and a payment gateway data breach.

BOTs has approached AirAsia for comments on this incident, but the airline has yet to respond.

Most Popular
Related Article
Says Stories