A bank officer and her husband have been arrested after thousands of pounds were allegedly withdrawn from the accounts of four passengers who had been travelling on the still-missing flight MH370.
The Malaysia Airlines aircraft, which disappeared on 8 March as it travelled from Kuala Lumpur to Beijing, had reportedly been targeted with £20,059 (111,000 Malaysian Ringgit) siphoned from accounts.
The cash was withdrawn in July from bank accounts understood to be with HSBC, and following an internal inquiry a police complaint was logged on 2 August.
It is unknown which bank the suspect works for.
Izany Abdul Ghani, City Commercial Crime Investigation Department Chief Ass Comm, confirmed that the woman had worked for the institution for 10 years and was arrested at her home in Ampang, in the Kuala Lumpur suburbs, at 4pm local time yesterday.
According to Malaysian newspaper The Star, he said: "Her husband, 33, was picked up by police at a workshop in Ampang where he had taken his car for repair. Police believe he is also involved in the siphoning of the money.
"Police are yet to get the recording from a closed-circuit camera in the bank. It will take a little time."
The couple are understood to have no previous criminal record and will be remanded until Sunday.
Officials are also looking for a Pakistani man, believed to have been involved somehow as he allegedly received some of the fraudulent money, but his relationship to the couple is still unknown.
“We are investigating the case as unauthorised access with intent to commit an offence,” Mr Abdul had told reporters earlier this week.
Mr Abdul also explained how the money was accessed, disclosing that funds from the bank accounts of three passengers had been transferred into a fourth.
An internet transfer of £6,640 was then made in the beginning of July into a separate account “believed to be that of one of the suspects”, he said.
From 18 July, “ATM withdrawals of RM5,000 (£948) [were then taken out] daily until the account was empty.
“We are now trying to trace the identity of the suspect who opened that account,” he added.
Under Malaysia’s Computer Crimes Act 1997, the offence can carry a prison term of 10 years or a fine of £28,500 (150,000 Malaysian Ringgit).
HSBC has reiterated that it takes the safety and security of its customers’ information seriously, telling The Star that the matter was referred to the police and it is now the subject of a police investigation.
The bank has been contacted by for comment.