Pegasus Airlines

Pegasus Airlines

Turkish flight operator Pegasus Airlines suffered a data breach after an AWS cloud storage bucket was left unprotected.

Electronic Flight Bag (EFB) information including the names, surnames, phone numbers, e-mail addresses, titles, flight information of past journeys, flight locations, and photographs and signature images of some employees belonging to an unknown number of customers was stored in an open bucket.

Reportedly around 23 million files, totaling around 6.5 TB of data were found on the bucket.

The bucket also exposed the EFB software’s source code, which contained plain-text passwords and secret keys.

Source: https://portswigger.net/daily-swig/turkish-flight-operator-pegasus-airlines-suffers-data-breach

"id": "PEG11417622",
"linkid": "pegasus-airlines",
"type": "Breach",
"date": "06/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.