Malaysia Airlines is ensuring travellers that all personal data remains secure after a self declared ‘Cyber Caliphate’ took over the airline’s website domain over the weekend.
Anyone that typed in the airline’s URL was redirected to the hacker website, which carried the headline ‘404- Plane Not Found’ accompanied with an image of a Malaysia Airlines plane – a reference to the missing MH370 plane, which disappeared late year with 239 people onboard.
The words ‘ISIS will prevail’ were also written on some versions of the website in select regions.
Taking accountability for the attack was the Lizard Squad – a group of hackers that took down the Sony PlayStation Network and Microsoft Xbox live network last month.
[MEDIA STATEMENT]: We would like to point out that @MAS is lying about user data not being compromised. Refer to earlier imgur link.
— Lizard Squad (@LizardMafia) January 26, 2015
The group tweeted that it had hacked the airline’s website and was planning on releasing ‘loot’ aka stolen data found on the Malaysia Airlines website.
However, in a Facebook statement Malaysia Airlines said it was only the domain name that had been ‘compromised’ and assured its users that personal data remained secure.
“Malaysia Airlines assures customers and clients that its website was not hacked and this temporary glitch does not affect their bookings and that user data remains secured.”
Malaysia Airlines statement
It took the airline nearly 22 hours to redirect users away from the hacked page.
Unbelievable! #LizardSquad strikes again – this time, targeting Malaysia Airlines http://t.co/AUisQSxuil pic.twitter.com/oBoNd7ad83
— Markus Kasanmascheff (@mkasanm) January 26, 2015
Malaysia Airlines said it had also reported the incident to CyberSecurity Malaysia and the Ministry of Transport.
It is still unclear as to why Malaysia Airline was targeted.
Image: Africa Studio/Shutterstock
Meanwhile, last week it was revealed that an Australian travel insurance company’s database was hacked, with some thousands of personal information stolen and posted online.
Aussie Travel Cover’s website is said to have been targeted late last year, however, the incident wasn’t confirmed to agents until 23 December.
During the online raid, hackers took clients’ names, phone numbers, email addresses and travel dates.