Malaysia Airlines has had possibly the worst year on record for an airline company. First it was Flight 370 that was lost and never recovered. There were 239 people aboard. Then Flight 17 was shot down over Ukraine, presumably by pro-Russian separatists. All 298 people on board were killed.
It doesn't get any worse than the lives lost, but it didn't get any easier for an airline that prior to 2014 had a top safety rating. Cyberscammers came out of the woodwork to take advantage of the tragedies. Hoaxes and frauds popped up all over the Web. Sick ID thieves even stole credit card info from the victims of Flight 17.
Now Malaysia Airlines is at the center of another hacking scandal. Yesterday, its website was taken out of commission for four hours, and anyone trying to access the homepage was redirected to the hackers' site. Mashable reports:
During the outage, the site featured an image of a lizard, and a message saying "404 - Plane Not Found. Hacked by Lizard Squad - Official Cyber Caliphate."
The Lizard Squad hacking group is perhaps best known for the Christmas assault on Xbox and PlayStation's networks. Previously it had hacked and threatened Sony, and over the Christmas holiday, it denied access to millions of gamers around the world.
When Malaysia Airlines restored service to its website, it issued this statement on Facebook:
Malaysia Airlines assures customers and clients that its website was not hacked and this temporary glitch does not affect their bookings and that user data remains secured.
What this means is that Malaysia Airlines itself wasn't hacked. The DNS system that allows people to access its page was attacked and users were redirected. I'm inclined to believe Malaysia Airlines given the nature of the hack, but we can't be sure its servers weren't also compromised. In fact, Lizard Squad issued this tweet in response to Malaysia Airlines' statement:
[MEDIA STATEMENT]: We would like to point out that @MAS is lying about user data not being compromised. Refer to earlier imgur link.
— Lizard Squad (@LizardMafia) January 26, 2015
So what does this mean? We don't know yet. It's possible that Lizard Squad could have obtained passenger data and it may release it at some point. If you've ever flown Malaysia Airlines, you should definitely change your username and password and begin monitoring your personal and financial data for signs of misuse.