JAKARTA – The authorities are probing a customer data leak at Lion Air, Indonesia’s communications ministry said on Friday (Sept 20), in a breach that reportedly affected millions of the carrier’s customers.
Two of the airline’s subsidiaries, Malaysia-based Malindo Air and Thai Lion Air, acknowledged passenger data may have been stolen from remote servers operated by Amazon.
“Thai Lion Air has come to be aware that some personal data concerning our passengers hosted on a cloud-based environment may have been compromised,” it said in a statement.
The leak involved the names, birthdays, addresses, phone numbers and other details of up to 35 million customers, the Jakarta Post reported, citing a source.
Lion did not reveal how many customers were affected, but said its payment information was not stored on the affected servers.
Amazon Web Services, which operates servers that stored the breached data, declined to comment.
