Malaysia Airlines has notified that it has a data security incident which reveals personal details of its Enrich members. The flag carrier had sent out an email informing about the security breach to all of its frequent flyer members yesterday evening.
According to Malaysia Airlines, the incident contained personal data of members between March 2010 and June 2019 but it doesn’t affect the airlines’ IT infrastructure and systems. It was mentioned that the incident came from one of its third-party IT service providers.
Details that may have been compromised include name, date of birth, gender, contact details, frequent flyer number, frequent flyer status and frequent flyer tier level. It assured that the affected data doesn’t contain other information such as travel itineraries, reservations, ticketing or any ID card or payment card information.
The airline added that there’s no evidence that any personal data has been misused and it didn’t disclose any account passwords. However, all Enrich members are encouraged to change their passwords as a precautionary measure.
If you’re using the new Digital Profile (Email as username), you can change your password here. For members that are still using the Enrich ID (numbers only) as the login, you can change your password here. Your new password should contain 8-16 characters and it must include uppercase and lowercase characters, and numbers.
Malaysia Airlines has reminded everyone that it will not be contacting members with regard to updating personal information via telephone call. If the personal information falls into the wrong hands, it could potentially be used for scamming activities.
COVID-19
Selangor 
Kuala Lumpur 
Johor 
