Millions of records belong to Thai Lion Air have been found online in a massive data breach from the airline.
Discovered by security researcher Under The Breach, the database of 21 million records included passenger and reservation IDs, physical addresses, phone numbers, email addresses, names, dates of birth, phone numbers, passport numbers and passport expiration dates.
HUGE: Hacker dumps @lionairthai's customer and flight database
First database has 21 million records which include passenger ID, Reservation ID, customer address, phone number and email (1/2)#breach #database #gdpr #blackhat pic.twitter.com/GCJ0LvekWR
— Under the Breach (@underthebreach) September 11, 2019
According to Bleeping Computer, the database is being openly shared on online forums. It’s believed that the database may have been taken from the unsecured Amazon Web Services S3 bucket.
The data, in the wrong hands, could be used for identity theft and other nefarious purposes.
Chiang Mai One has contacted Thai Lion Air for comment and will update the post if a response is received.
Photo: Rawipad CKKU