Craig 0 Report post Posted September 18, 2019 Seems like there's a massive data breach in Malindo, Thai Lion Air, and Batik Air. Details including full name, home addresses, e-mail, date of birth, phone numbers, passport numbers and expiration dates were breached. No wonder I received a notification that my e-mail was found in the dark web and I need to attend to it immediately. Maybe Malaysia should strengthen the PDPA to include fines and notification to affected individuals or at least made it public? SCMP report here Malay Mail report here Share this post Link to post Share on other sites
Mohd Azizul Ramli 2 Report post Posted September 18, 2019 In Europe, this is easily an offence carrying a fine of 4% of the revenue of the company involves. BA was hit with the same breach just 2 months ago and is being fined £183 million. https://www.bbc.co.uk/news/business-48905907 Does Malaysia has a governing body like the UK's ICO (Information Commissioner's Office) for cases like this? I have an account with Malindo's FFP. I hope my data is not being breached or am I hopeless here? Share this post Link to post Share on other sites
Craig 0 Report post Posted September 18, 2019 (edited) In Europe, this is easily an offence carrying a fine of 4% of the revenue of the company involves. BA was hit with the same breach just 2 months ago and is being fined £183 million. https://www.bbc.co.uk/news/business-48905907 Does Malaysia has a governing body like the UK's ICO (Information Commissioner's Office) for cases like this? I have an account with Malindo's FFP. I hope my data is not being breached or am I hopeless here? Malaysia has PDPA, in some ways, a weak version of EU's GDPR. No fines or notification to affected individuals within a certain time frame to speak of. This is under MCMC's jurisdiction. Depends if they want to take Lion Air / Malindo to court (maybe a better way to generate income for the government instead of taxes?). Edited September 18, 2019 by Craig Share this post Link to post Share on other sites
Craig 0 Report post Posted September 24, 2019 The way Malindo handling this is abysmal. I have not received any notifications from Malindo whilst I have received at least 10 notifications from my ID monitoring company that my passport number, full name, full address, and phone numbers are all over the dark web. Share this post Link to post Share on other sites
Robert 0 Report post Posted September 24, 2019 The way Malindo handling this is abysmal. I have not received any notifications from Malindo whilst I have received at least 10 notifications from my ID monitoring company that my passport number, full name, full address, and phone numbers are all over the dark web. Any recommendations for an ID monitoring company? Share this post Link to post Share on other sites
Craig 0 Report post Posted September 25, 2019 Any recommendations for an ID monitoring company? I have IDNotify (part of Experian) which was ironically provided to me either by Starwood (RIP) or CX or BA leak Share this post Link to post Share on other sites
S V Choong 4 Report post Posted September 25, 2019 I am using Experian too, so it was Malindo that had a data breach... I thought it was MH. Share this post Link to post Share on other sites