AirAsia
Company Details
Linkedin ID:
airasia
Website:
Employees number:
14,245
Number of followers:
919,986
NAICS:
481
Industry Type:
Homepage:
airasia.com
IP Addresses:
0
Company ID:
AIR_3357924
Scan Status:
In-progress
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
AirAsia Vendor Cyber Rating & Cyber Score
airasia.comIt all starts here. 23 years ago, a dream took flight - shaping and forever changing the travel industry in Asia. The idea was simple: Make flying affordable for everyone. We made that dream happen. We started an airline in 2001. Today, we’ve evolved to become something much bigger. We’re now a world-class brand, a leading Asean airline, a digital travel and lifestyle platform; and we’re not stopping. If you’re passionate about connecting people and transforming lives, we want you onboard. When it comes to your career, your Allstar journey will be an adventure. Find your dream career destination with us.
AirAsia A.I CyberSecurity Scoring
AirAsia Risk Score (AI oriented)Between 600 and 649
AirAsia
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
AirAsia Global Score (TPRM)XXXX
AirAsia
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
AirAsia Company CyberSecurity News & History
Past Incidents
2
Attack Types
1
AirAsia, Kuala Lumpur International Airport and Malaysia Airlines: Qilin ransomware claims Malaysia Airlines hack – are passenger records at risk?
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: Qilin Ransomware Group Claims Attack on Malaysia Airlines The Qilin ransomware gang has listed Malaysia Airlines on its dark web leak site, marking the latest in a series of cyberattacks targeting the aviation sector. The group, which operates under a ransomware-as-a-service (RaaS) model, has rapidly escalated its activities, emerging as the most active ransomware operation of 2025 with over 1,000 victims that year and more than 200 additional claims in early 2026. The incident, dated February 22, 2026, remains unconfirmed by Malaysia Airlines or investigators, as Qilin has yet to provide proof of stolen data unlike its typical tactic of releasing file samples to pressure victims. The lack of evidence leaves uncertainty about whether the attack involved a confirmed breach, a failed intrusion, or a negotiation ploy. No details have been disclosed regarding potential exposure of passenger data, employee records, or operational systems. This follows a March 2025 ransomware attack on Kuala Lumpur International Airport (KLIA), also attributed to Qilin, which disrupted flight information displays, check-in systems, and baggage handling for over 10 hours. The aviation industry has become a prime target for ransomware groups, drawn by the combination of operational leverage and access to sensitive personal and corporate data. Qilin, linked to Russian cybercriminal networks, has expanded its victim pool beyond traditional sectors like finance and healthcare to include critical infrastructure, government agencies, and transportation entities. Past attacks on airlines and airports have exposed passenger names, passport details, and internal documents, raising concerns about identity fraud and phishing risks. Malaysia’s aviation sector has faced repeated cyber threats, including a 2022 ransomware attack on AirAsia by the Daixin Team and a 2020–2021 data breach at Malaysia Airlines. While the current claim lacks verification, analysts note that ransomware groups often withhold evidence during negotiations, with data dumps or public disclosures occurring only if talks fail. The incident underscores the growing vulnerability of global aviation to cyber extortion, with ransomware gangs increasingly prioritizing high-impact targets for financial gain and operational disruption.
AirAsia
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: AirAsia Group was targeted by Daixin ransomware group that exposed 5M UNIQUE Passenger personal data, and all employee's personal data leaked. The exposed information includes the date of birth, country of birth, where that person is from when employed for employees and the “secret question and answer” used to secure accounts. The group claims that after encrypting its database and requesting an unspecified price to unlock it and reveal how it gained access to the network, it gave AirAsia a sample of the data. In order to avoid encrypting or destroying anything that would be life-threatening, Daixin Team stated it had avoided locking up crucial files linked to flying equipment. However, it has entirely restricted access to staff and passenger records until payment has been received.
AirAsia Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for AirAsia
Incidents vs Airlines and Aviation Industry Average (This Year)
AirAsia has 41.52% fewer incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
AirAsia has 14.53% fewer incidents than the average of all companies with at least one recorded incident.
Incident Types AirAsia vs Airlines and Aviation Industry Avg (This Year)
AirAsia reported 1 incidents this year: 0 cyber attacks, 1 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — AirAsia (X = Date, Y = Severity)
AirAsia cyber incidents detection timeline including parent company and subsidiaries
AirAsia Company Subsidiaries
It all starts here. 23 years ago, a dream took flight - shaping and forever changing the travel industry in Asia. The idea was simple: Make flying affordable for everyone. We made that dream happen. We started an airline in 2001. Today, we’ve evolved to become something much bigger. We’re now a world-class brand, a leading Asean airline, a digital travel and lifestyle platform; and we’re not stopping. If you’re passionate about connecting people and transforming lives, we want you onboard. When it comes to your career, your Allstar journey will be an adventure. Find your dream career destination with us.
Loading...
AirAsia Similar Companies
easyJet
We’re on a mission to make low-cost travel easy. Whatever your role, you’ll connect millions of people to what they love using Europe’s best airline network, great value fares, and friendly service. And to help us get there we’ll give you everything you need to make a personal impact on our growing
Welcome aboard Singapore Airlines on LinkedIn. Discover travel inspirations, business travel tips, cultural insights, our latest updates, and more. Singapore Airlines is a global company dedicated to providing air transportation services of the highest quality and to maximising returns for the ben
We’re creating an airline people love. It begins with each Alaska Airlines employee, bringing unique strengths and energy to our work in the air and on the ground. Every day, we go beyond what’s expected and reach for the remarkable, together. Welcome to our LinkedIn page. We like conversations on
!BIenvenido al sitio oficial! Avianca es la primera aerolínea comercial fundada en las Américas y la segunda en el mundo. Enfocados en alcanzar la excelencia y eficiencia operacional, se dio marcha a una profunda reorganización de los procesos, la cual ha estado acompañada de la modernización
Air India SATS Airport Services Private Limited (AISATS)
Welcome to AISATS! As India's leading gateway services company headquartered in Mumbai and operating in Delhi, Bengaluru, Hyderabad, Thiruvananthapuram, Mangaluru and Ranchi airports, we at AISATS, care for our client airlines and their passengers. Our customers know when they do business with us
Qatar Airways is the national airline of the State of Qatar. Based in Doha, the Airline’s trendsetting on-board product focuses on: comfort, fine cuisine, the latest in-flight audio & video entertainment, award-winning service and one of the youngest and most advanced aircraft fleet in the sky. Awa
Red. Hot. Spicy. That’s not just our tagline, it’s how we fly. Red reflects the bold spirit we bring to every journey, energetic, passionate, and full of heart. Hot captures the warmth of our service and the vibrant destinations we connect. Spicy is our drive to keep travel exciting through innovati
JetBlue
JetBlue — New York's Hometown Airline — was born at JFK in 1999 with the mission of bringing humanity back to air travel, and is now a leading carrier in NYC, Boston, Fort Lauderdale, Orlando, and San Juan. JetBlue serves 40M+ customers annually, with low fares and award-winning service to 100+ dest
Menzies Aviation
People. Passion. Pride. These have driven our team since 1833. Since that time, we have developed to become a critical partner in the global aviation industry, delivering time-critical logistics services at over 350 locations in 65 countries, across six continents. But at the heart of our
.png)
AirAsia CyberSecurity News
February 27, 2026 08:00 AM
Malaysia Airlines claimed by Qilin ransomware – no details, but big questions
Qilin ransomware has listed Malaysia Airlines on its leak site without providing proof or data samples, raising new questions about possible...
November 11, 2025 08:00 AM
Malaysia Elevates Aviation Security With New Cyber Framework
Malaysia has launched the Civil Aviation Authority of Malaysia (CAAM) Cybersecurity Framework and Policy, a move designed to bolster the...
July 26, 2025 04:41 AM
AirAsia hit by ransomware attack, five million passenger and employee data compromised
KUALA LUMPUR (Nov 23): AirAsia Group fell victim to a ransomware attack earlier this month on Nov 11 and 12 by Daixin Team. According to DataBreaches...
June 14, 2025 07:00 AM
Fahmi: AirAsia To Name Plane After Media Practitioners
In a symbolic gesture celebrating the role of the media, Communications Minister Datuk Fahmi Fadzil announced that AirAsia will name one of...
February 14, 2025 08:00 AM
AirAsia MOVE's monthly active users and number of transactions up quarter on quarter in fourth quarter 2024
Malaysia-based Capital A's online travel agent (OTA) platform AirAsia MOVE has achieved higher monthly active users (MAUs) and number of...
January 27, 2025 08:00 AM
AirAsia plans MRO facility in Philippines — DoF
The AirAsia group has expressed plans to establish a maintenance, repair, and operations (MRO) facility in the Philippines, according to the Department of...
July 25, 2024 07:00 AM
AirAsia’s Tony Fernandes wants Microsoft compensation for CrowdStrike outage
On Friday, a flawed update from U.S. cybersecurity company CrowdStrike crashed Windows PCs all over the world, with computers displaying the...
July 22, 2024 07:00 AM
China unscathed by CrowdStrike-Microsoft outage on back of cybersecurity drive
Emerging largely unharmed from the global tech disruption shows that mainland China's push for 'safe and controllable' computing systems has...
July 21, 2024 03:10 AM
Indonesia AirAsia Ensures All Flight Operation Gradually Return to Normal After Global IT Disruptions
Indonesia AirAsia ensured that all flight operations on Saturday, July 20, 2024, began to gradually normalize after experiencing disruptions due to global IT...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
AirAsia CyberSecurity History Information
Official Website of AirAsia
The official website of AirAsia is http://www.airasia.com.
AirAsia’s AI-Generated Cybersecurity Score
According to Rankiteo, AirAsia’s AI-generated cybersecurity score is 636, reflecting their Poor security posture.
How many security badges does AirAsia’ have ?
According to Rankiteo, AirAsia currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has AirAsia been affected by any supply chain cyber incidents ?
According to Rankiteo, AirAsia has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does AirAsia have SOC 2 Type 1 certification ?
According to Rankiteo, AirAsia is not certified under SOC 2 Type 1.
Does AirAsia have SOC 2 Type 2 certification ?
According to Rankiteo, AirAsia does not hold a SOC 2 Type 2 certification.
Does AirAsia comply with GDPR ?
According to Rankiteo, AirAsia is not listed as GDPR compliant.
Does AirAsia have PCI DSS certification ?
According to Rankiteo, AirAsia does not currently maintain PCI DSS compliance.
Does AirAsia comply with HIPAA ?
According to Rankiteo, AirAsia is not compliant with HIPAA regulations.
Does AirAsia have ISO 27001 certification ?
According to Rankiteo,AirAsia is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of AirAsia
AirAsia operates primarily in the Airlines and Aviation industry.
Number of Employees at AirAsia
AirAsia employs approximately 14,245 people worldwide.
Subsidiaries Owned by AirAsia
AirAsia presently has no subsidiaries across any sectors.
AirAsia’s LinkedIn Followers
AirAsia’s official LinkedIn profile has approximately 919,986 followers.
NAICS Classification of AirAsia
AirAsia is classified under the NAICS code 481, which corresponds to Air Transportation.
AirAsia’s Presence on Crunchbase
No, AirAsia does not have a profile on Crunchbase.
AirAsia’s Presence on LinkedIn
Yes, AirAsia maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/airasia.
Cybersecurity Incidents Involving AirAsia
As of April 02, 2026, Rankiteo reports that AirAsia has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
AirAsia has an estimated 3,760 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at AirAsia ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
Incident Details
Can you provide details on each incident ?
Title: AirAsia Group Data Breach by Daixin Ransomware
Description: AirAsia Group was targeted by Daixin ransomware group that exposed 5 million unique passenger personal data, and all employee's personal data leaked. The exposed information includes the date of birth, country of birth, where that person is from when employed for employees and the “secret question and answer” used to secure accounts. The group claims that after encrypting its database and requesting an unspecified price to unlock it and reveal how it gained access to the network, it gave AirAsia a sample of the data. In order to avoid encrypting or destroying anything that would be life-threatening, Daixin Team stated it had avoided locking up crucial files linked to flying equipment. However, it has entirely restricted access to staff and passenger records until payment has been received.
Type: Ransomware
Threat Actor: Daixin Ransomware Group
Motivation: Financial Gain
Title: Qilin Ransomware Group Claims Attack on Malaysia Airlines
Description: The Qilin ransomware gang has listed Malaysia Airlines on its dark web leak site, marking the latest in a series of cyberattacks targeting the aviation sector. The incident remains unconfirmed by Malaysia Airlines or investigators, with no proof of stolen data provided by Qilin. The attack may involve a confirmed breach, a failed intrusion, or a negotiation ploy, but details about potential exposure of passenger data, employee records, or operational systems are undisclosed.
Date Detected: 2026-02-22
Date Publicly Disclosed: 2026-02-22
Type: Ransomware
Threat Actor: Qilin ransomware gang
Motivation: Financial gain, operational disruption
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware AIR1013221122
Data Compromised: Passenger personal data, Employee personal data
Systems Affected: Database
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Data, , Passenger Names, Passport Details, Internal Documents and .
Which entities were affected by each incident ?
Incident : Ransomware AIR1013221122
Entity Name: AirAsia Group
Entity Type: Airline
Industry: Aviation
Customers Affected: 5 million passengers and all employees
Incident : Ransomware MALAIR1772151934
Entity Name: Malaysia Airlines
Entity Type: Airline
Industry: Aviation
Location: Malaysia
Data Breach Information
What type of data was compromised in each breach ?
Incident : Ransomware AIR1013221122
Type of Data Compromised: Personal data
Number of Records Exposed: 5 million unique passenger personal data, All employee personal data
Sensitivity of Data: High
Personally Identifiable Information: Date of birthCountry of birthEmployment locationSecret question and answer
Incident : Ransomware MALAIR1772151934
Type of Data Compromised: Passenger names, Passport details, Internal documents
Sensitivity of Data: High
Personally Identifiable Information: Potential
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware AIR1013221122
Ransom Demanded: Unspecified price
Ransomware Strain: Daixin
Data Encryption: Yes
Data Exfiltration: Yes
Incident : Ransomware MALAIR1772151934
Ransomware Strain: Qilin
References
Where can I find more information about each incident ?
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Dark web leak siteDate Accessed: 2026-02-22.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Ransomware MALAIR1772151934
Investigation Status: Unconfirmed
Additional Questions
General Information
What was the amount of the last ransom demanded ?
Last Ransom Demanded: The amount of the last ransom demanded was Unspecified price.
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Daixin Ransomware Group and Qilin ransomware gang.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2026-02-22.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2026-02-22.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Passenger personal data, Employee personal data and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Database.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Passenger personal data and Employee personal data.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 5.0M.
Ransomware Information
What was the highest ransom demanded in a ransomware incident ?
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was Unspecified price.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Dark web leak site.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Unconfirmed.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=airasia' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
