Personal information from 5 million AirAsia customers flying on AirAsia Malaysia, AirAsia Indonesia, and AirAsia Thailand may have been compromised when the airline was allegedly targeted by a ransomware assault. AirAsia was allegedly the target of a Daixin Team ransomware assault, and the perpetrators released two CSV files containing personal information of passengers and personnel.
On October 21, 2022, the Daixin ransomware group was included in the United States’ Joint CyberSecurity Alert. The CSV file comprises the passenger ID, full name (first, middle, and last), booking ID, and total cost of ticket from the sample data. Meanwhile, the CSV for employee data includes photographs, secret questions, secret answers, birth city, birth state, birth country, and nationality.
According to DataBreaches, the ransomware assault happened on November 11th and 12th, 2022, and it was claimed that AirAsia reacted to Daixin Team through chat. They said that after releasing the sample data, AirAsia did not try to negotiate the ransom sum and had no intention of paying. The ransom price was not published, however, Daixin Team stated that they avoided locking up vital data connected to flying equipment in order to avoid encrypting or deleting anything potentially life-threatening.
We have reached out to AirAsia to get further information on the matter.
