AirAsia

AirAsia, headquartered in Malaysia and operating as the AirAsia Group, is a provider of passenger air transportation services. The company manages extensive databases containing sensitive personal information for both its customers and employees, including names, dates of birth, employment details, and security question answers. This data handling scope indicates a substantial operational scale, serving a large volume of travelers and maintaining a significant workforce. The nature of the records compromised in a 2022 incident underscores the airline's role in collecting and processing detailed personal data as part of its core business activities.

The organization's infrastructure demonstrated critical security deficiencies during a ransomware attack in November 2022. The Daixin Team exploited unpatched vulnerabilities through remote access protocols such as VPN, SSH, and RDP, attributing the successful breach to poorly configured systems and weak security controls. Notably, while the attackers encrypted databases and accessed millions of records, they avoided critical flight systems, suggesting some network segmentation that prevented immediate safety risks. This incident revealed a distinguishing characteristic of AirAsia's cybersecurity posture at the time, marked by inadequate patch management and remote access safeguards. Following the airline's refusal to pay the ransom, the attackers publicly released stolen data and threatened to disclose network backdoors on hacker forums, potentially enabling further malicious activity. The breach compromised over five million passenger and employee records, amplifying the scale of exposure. As a group entity with its headquarters in Malaysia, AirAsia's structure encompasses multiple operational facets, though specific subsidiary details are not provided in the available information.