Malaysia Airlines has suffered a data breach spanning nine years that exposed the personal information of members in its Enrich frequent flyer program. Malaysia Airlines says that no passwords were exposed and there is no evidence of misuse, the airline recommends that users change their passwords anyway. The breach occurred at a third-party IT service provider who notified the airline that member data was exposed between March 2010 and June 2019. It is unknown how many Enrich members were affected by this breach. The airline further warned that it would not be contacting members about updating their information over the phone.
Source: https://www.bleepingcomputer.com/news/security/malaysia-airlines-discloses-a-breach-spanning-9-years-of-data/