VLCM Blogs - Learn How To Get IT Right

AWS says servers secure following Malindo Air data breach - From ZDNet

Written by Dan Schuyler | Sep 23, 2019 3:56:00 PM

Amazon Web Services says servers containing customer information belonging to the Malaysian airline are secured, following a breach that compromised personal data of 21 million passengers, including that of Malindo's parent company, Lion Air.

From VLCM's Cybersecurity Solutions Architect, Dan Schuyler, 

“Cloud service providers like AWS and Microsoft provide very secure environments. However, it is the cloud customers responsibility to ensure their own environment (systems, applications, services, etc.) are correctly configured to ensure they are secure.  Cloud security requires the same due diligence and oversight that an on premises environment requires. 
 
Additionally, any organization moving to the cloud should ensure they have IT staff with extensive and specific cloud services (AWS, Azure, Google, etc.) implementation and cloud security experience.”
 

Image credit: techcrunch.com

Originally posted on zdnet.com

Amazon Web Services (AWS) Singapore says all servers containing data of Malindo Air customers are secured "with no further vulnerabilities", and no payment details leaked. This confirmation follows a reported security breach that compromised personal data of 21 million passengers including that of Malindo's sister company, Lion Air. 

Forensic and data consultants also had been appointed to assess the overall data security infrastructure, focusing on passenger data protection across all platforms, said Malindo Air in a statement Thursday. In addition, it said remedial measures involving the notification of financial institutions, the police, and other relevant authorities had been established.

The airline reminded customers to be mindful of suspicious or unsolicited calls as well as email messages asking for verification of their personal data. 

The Malaysian carrier's announcement followed a previous statement confirming that data of its customers that were hosted on AWS' cloud platform might have been compromised. The cloud vendor, alongside Malindo Air's e-commerce vendor GoQuo, had begun investigating the breach.  

Malindo Air said it had put in place "adequate measures" that complied with Malaysia's Personal Data Protection Act to ensure its customer data were not compromised. The airline added that it did not store any payment details of on its servers and were compliant with the Payment Card Industry (PCI) Data Security Standard (DSS).

Members of Malindo Air's frequent flyer programme were further advised to change their passwords if they had used similar passwords on other online services. 

The security breach came to light when Kaspersky Lab last week pushed a tip to its cloud users in Thailand, alerting them to exercise caution when managing incoming email and text messages and calls. The Russian cybersecurity vendor said personal details belonging to passengers of Lion Group's Malindo Air and Lion Air had been posted in online forums and put on sale on the dark web. 

The breach reportedly was due to an unsecured AWS data bucket.  

Check Point Software Technologies's Asia-Pacific head of cloud security, Michael Petit, said in a note: "Data stored in cloud services like AWS S3 buckets are only as secure as their security configuration settings. Cloud services are convenient, but require proper configuration for the best security possible within the confines of such technologies. 

"Companies may have hundreds, thousands or even millions of S3 buckets or similar cloud data storage on other competing platforms. With such complexity of data storage in the cloud, it is imperative for companies to persistently audit and correct misconfigurations, as cloud services may also change their settings occasionally," Petit noted. "This is a necessarily laborious and time-consuming process for companies."

According to Check Point, personal data compromised in the breach included the passenger's date of birth, passport number, and mobile number.

RELATED COVERAGE

Lack of collaboration, disclosure affecting APAC security posture

Threat actors are collaborating more effectively than legit businesses in the region, which aren't sharing enough intelligence with others in the industry, says Microsoft Asia CSO.

Cyberattacks can cost APAC healthcare firms $23.3M

Healthcare organisations in Asia-Pacific can incur economic losses of up to US$23.3 million from cybersecurity incidents, though, 45% have either experienced or are not even sure if they have experienced a cyber attack.

APAC consumers have little trust in digital services

Just 31% of Asian consumers believe their personal data will be managed in a trustworthy way by businesses offering digital services, with 40% revealing their trust has been compromised whilst using such services.

One in four APAC firms not sure if they suffered security breach

A quarter of Asia-Pacific companies have experienced a security incident, while 27 percent aren't even sure because they haven't conducted any data breach assessment--even as the region is estimated to have lost US$1.75 trillion last year due to cyberattacks.

APAC firms look to edge for faster response but worry over data security

Edge computing is being sought out for faster response and cost savings, but there are concerns about security and latency when large volumes of data are processed on such platforms.