Recordings of 30 million passengers of Malaysia’s Malindo Air and Thai Lion Air’s, subsidiaries of Indonesia’s Lion Group, were exposed, according to Kaspersky. Leaked records include passenger and reservation IDs, physical addresses, phone numbers, email addresses, names, dates of birth, phone numbers, passport numbers, and passport expiration dates. The Russian cybersecurity company announced that some details of around 30 million passengers in the leaked databases were up for sale on the Dark Web.
Malindo Air representatives confirmed the data breach and started an investigation. The company announced it had notified authorities internationally about the incident and advised customers with online frequent flyer accounts to change their passwords, but it declined to provide more details on its investigation and mentioned it did not store any customer payment details on its servers.
”We are in the midst of notifying the various authorities both locally and abroad including CyberSecurity Malaysia. Malindo Air is also engaging with independent cybercrime consultants to investigate and report into this incident”, said the company in a statement.
The information was left on an unsecured Amazon bucket and the records were stored in two databases containing backup files. The most recent backup, named ‘PaymentGateway, was dated May 25. The databases included respectively 21 million and 14 million records and it seems that data was circulating on exchange forums since August 10.
The directory also included a backup file for the Batik Air, also owned by Lion Air.