Welcome to the

Bit Guardian Blog

Ad Guardian Plus

Data of 30 million passengers exposed by Malindo Air


Recordings of 30 million passengers of Malaysia’s Malindo Air and Thai Lion Air’s, subsidiaries of Indonesia’s Lion Group, were exposed, according to Kaspersky. Leaked records include passenger and reservation IDs, physical addresses, phone numbers, email addresses, names, dates of birth, phone numbers, passport numbers, and passport expiration dates. The Russian cybersecurity company announced that some details of around 30 million passengers in the leaked databases were up for sale on the Dark Web.

Malindo Air representatives confirmed the data breach and started an investigation. The company announced it had notified authorities internationally about the incident and advised customers with online frequent flyer accounts to change their passwords, but it declined to provide more details on its investigation and mentioned it did not store any customer payment details on its servers.

”We are in the midst of notifying the various authorities both locally and abroad including CyberSecurity Malaysia. Malindo Air is also engaging with independent cybercrime consultants to investigate and report into this incident”, said the company in a statement.

The information was left on an unsecured Amazon bucket and the records were stored in two databases containing backup files. The most recent backup, named ‘PaymentGateway, was dated May 25. The databases included respectively 21 million and 14 million records and it seems that data was circulating on exchange forums since August 10.

The directory also included a backup file for the Batik Air, also owned by Lion Air.

Related posts
Ad Guardian PlusNews

Ads for cracked software hide malware to steal passwords

Ad Guardian PlusNews

Google free services threat might mean a new beginning

Ad Guardian PlusNews

Google offices remain empty until July 2021, Sundar Pichai announced

Ad Guardian PlusNews

A Windows 10 update fixes Excel, File Explorer bugs and more

Leave a Reply

Your email address will not be published. Required fields are marked *