Lion Air Group is stressing that passenger personal data stored on its cloud-based servers is safe following reports of a potential data breach among its carriers.

The Indonesian airline group says that it is co-operating with authorities there on the potential data breach, and if there are signs that data has been compromised it will take immediate measures to address any vulnerabilities in its systems.

Lion adds that it does not store payment details on its servers, and that any passenger data stored in Indonesia remains safe. Its five group carriers - Lion Air, Thai Lion Air, Wings Air, Malindo Air and Batik Air - have reported the incident to their local authorities.

Malindo disclosed that it was investigating a potential data breach on 19 September, and has engaged independent forensic and data consultants to review its overall data security infrastructure.

That followed a report and social media images which appeared to show data from around 35 million passenger records being circulated by an unidentified hacker. While the images have been modified, the details appear to include addresses, phone numbers, and email addresses.

Malindo adds that the images do not contain payment information made by its passengers.

Thai Lion states it has put “adequate measures” in place to ensure that its passenger’s data are not compromised, and will increase its data security measures.

Source: Cirium Dashboard