Malaysia Airlines is embarking on its fifth recovery plan in a decade, but it’s facing an uphill battle.
Hackers have carried out a cyber-attack on the website of Malaysia Airlines and threatened to dump stolen information online after posting a glimpse of customer data they have obtained.
However, the national airline said its data servers remained intact and passenger bookings were not affected.
The airline’s website (www.malaysiaairlines.com) was down for several hours, replaced by messages from hackers, before the company brought it back online by mid-afternoon in Malaysia.
The hackers at first changed the site to display a message saying “404 – Plane Not Found” and that it was “Hacked by Cyber Caliphate,” with a photo of one of the airline’s Airbus A380 superjumbo jets. The browser tab for the website said “ISIS will prevail”, according to the AP news agency.
The hackers later replaced the jet with a picture of a lizard in a top hat, monocle and tuxedo smoking a pipe.
The reference to the Islamic State of Iraq and the Levant (ISIL) was removed and the claim of responsibility changed to “Lizard Squad – Official Cyber Caliphate”, with a link to the group’s Twitter account.
Malaysia Airlines is struggling to recover from twin disasters last year, including the disappearance of Flight 370, which authorities believed crashed 1,800 kilometres off Australia’s west coast, and the downing of Flight 17 over Ukraine.
Lizard Squad has claimed responsibility for a variety of hacks over the past year, most of them aimed at media or gaming companies, including Sony’s PlayStation and Microsoft’s Xbox networks.
Malaysia Airlines released a statement confirming its internet domain name had been compromised, redirecting users to the dummy page.
“At this stage, Malaysia Airlines’ web servers are intact,” it said.
“Malaysia Airlines assures customers and clients that its website was not hacked and this temporary glitch does not affect their bookings and that user data remains secured,” it said.
Lizard Squad, however, tweeted that it was “going to dump some loot found on malaysiaairlines.com servers soon”, and posted a link to a screenshot of what appeared to be a passenger flight booking from the airline’s internal e-mail system.
The particular booking was made by Amy Keh, a Malaysian customer, who said she had made it in October for her mother and two relatives to travel from Kuala Lumpur to Taiwan in March.
“I am a bit worried about their security. Now the whole world knows that they will be going to Taipei,” Keh told AP.
In August, it also tweeted to American Airlines that there might be explosives on a plane carrying the president of Sony Online Entertainment, which makes video games, forcing the flight to be diverted.