KUALA LUMPUR, December 10 — The Ministry of Communications and Digital has ordered Capital A, the parent of AirAsia, to submit supporting documents and data for the investigation into the breach of the airline’s networks that exposed the personal information of millions of passengers and staff

Communications and Digital Minister Fahmi Fadzil said the security breach affecting AirAsia customers and employees in three countries including Malaysia was being treated seriously

“In relation to that, the ministry's investigation team consisting of the Personal Data Protection Department (JPDP) and CyberSecurity Malaysia (CSM) have started an investigation by holding discussions with the management of Capital A.

“Preliminary investigations found that a cyber-attack on AirAsia's server system had occurred on November 12, 2022, which resulted from unauthorised access resulting in a ransomware attack, potentially causing data leakage,” he said in a statement. He said the ministry was still investigating the cause of the intrusion and the overall severity of the incident.

“However, the details of the case cannot be disclosed to the public at this time while the investigation is still ongoing to avoid legal implications and disrupt the investigation.

“I urge all data users to constantly monitor and improve cyber security aspects from time to time by ensuring system infrastructure, databases and networks are updated and secure.

“Apart from that, data users must outline a cyber security policy and ensure that the policy is followed as a measure to prevent intrusion by irresponsible parties,” he added.

Last month, the personal data of five million passengers and all employees of AirAsia were reportedly stolen by Daixin Team, with the group claiming responsibility for the ransomware attack that allegedly hit the airline earlier on November 11 and 12.

After the intrusion, a spokesman for the group reportedly derided AirAsia’s network security as so “chaotic” and “disorganised” that it “irritated” the hacker team into stopping any further attacks beyond the initial intrusion.