A third-party IT provider exposed valuable airline data that experts say could be a goldmine for cybercriminals. Malaysia Air frequent flyer program, Enrich, was breached sometime around March 2010 and remained exposed until June 2019. Thousands of members personal data, including name, date of birth, gender, contact information, ID number, status and tier level, was exposed. The airline has not released a formal statement, but its official Twitter account @MAS offered some explanation in a Mar. 1 response.
Source: https://threatpost.com/malaysia-air-downplays-data-breach/164472/