Millions Of Lion Air Passenger Records Breached – Expert Commentary

Subsidiaries of Indonesian low-cost airline Lion Air, including Malindo Air and Thai Lion Air, have suffered a massive data breach, resulting in the information of millions of passengers being leaked onto data exchange forums. The breached data includes:

  • full names
  • home addresses
  • email addresses
  • dates of birth
  • phone numbers
  • passport numbers and expiration dates

The files of passengers who flew with Thai Lion Air and Malindo Air, were stored in an open Amazon Web Services bucket, where a hacker gained access and dumped the files online.

Experts Comments

September 20, 2019
Roger Grimes
Data-driven Defence Evangelist
KnowBe4
It’s likely that hundreds of thousands of companies have the same cybersecurity issue as Lion Air. Lion Air is just the latest one making the news. One of the biggest weaknesses at nearly every company and in every network is that of overly permissive permissions. It’s always been a problem, but before the cloud, only already-trusted insiders could take advantage of the security misconfigurations and only a minuscule percentage of employees were motivated to go looking. And if they found.....Read More
It’s likely that hundreds of thousands of companies have the same cybersecurity issue as Lion Air. Lion Air is just the latest one making the news. One of the biggest weaknesses at nearly every company and in every network is that of overly permissive permissions. It’s always been a problem, but before the cloud, only already-trusted insiders could take advantage of the security misconfigurations and only a minuscule percentage of employees were motivated to go looking. And if they found and exploited something, the damage was contained and news of the “break-in” often didn’t require public disclosure. But in today’s public cloud-centric world, those same bad habits, of incorrect, overly permissive access control permissions, are being laid bare by attackers who can freely explore all of the world’s best cloud services and exploit found weak permissions…nearly all of which won’t cause a single security event in the exploited company’s event logs. The problem is much bigger than anyone is talking about.  Read Less
September 20, 2019
Stephan Chenette
Co-Founder and CTO
AttackIQ
While Malindo Air is still investigating this incident, it is clear that proper security measures were not in place to safeguard the data contained in that AWS bucket. Information that was left exposed on a public cloud storage resource include passport details, phone numbers and addresses. The mistake or overlooked security measure that led to this breach was most likely a very simple one, as is the case with most of the data breaches we read about in the news week after week. Companies must.....Read More
While Malindo Air is still investigating this incident, it is clear that proper security measures were not in place to safeguard the data contained in that AWS bucket. Information that was left exposed on a public cloud storage resource include passport details, phone numbers and addresses. The mistake or overlooked security measure that led to this breach was most likely a very simple one, as is the case with most of the data breaches we read about in the news week after week. Companies must do a better job at proactively securing sensitive data, starting with the basics and then building to more mature programs. To protect customer data, organizations should employ continuous security validation tools to identify and prioritize gaps in security that need to be addressed first, and continuously assessing the viability of their security controls to make sure they are enabled, configured correctly and operating effectively at all times.  Read Less
September 20, 2019
Ben Goodman
Senior Vice President, Global Business and Corporate Development
ForgeRock
At approximately 4.6 billion, 2019 may set a record in the number of scheduled passengers handled by the global airline industry. With all those customers, airline companies are responsible for protecting a staggering amount of data⁠—making this industry a hot target for threat actors to unleash malicious attacks. Airlines often store highly personal information of passengers, like passports and other travel documents, and the data that was breached could be easily sold on dark web.....Read More
At approximately 4.6 billion, 2019 may set a record in the number of scheduled passengers handled by the global airline industry. With all those customers, airline companies are responsible for protecting a staggering amount of data⁠—making this industry a hot target for threat actors to unleash malicious attacks. Airlines often store highly personal information of passengers, like passports and other travel documents, and the data that was breached could be easily sold on dark web marketplaces and used to commit fraud. Airline companies are now looking into using biometrics and facial recognition to expedite boarding processes, which is concerning given the recent airline breaches in these past years. Knowing this, it is critical that airlines and other organizations that regularly handle sensitive consumer data understand the serious risk associated with a breach of that information, including data leaks due to misconfigurations. It's now easier than ever to utilize security strategies and tools that prescribe real-time, contextual and ongoing security, detecting abnormal behavior and prompting further action to validate identity. Organizations that use these strategies and tools are in a better position to prevent unauthorized access by malicious actors from seizing sensitive consumer data and PII.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts