One of the threats to victims of Lion Air customer data leak is to become a victim of hacking through social engineering techniques.
The way social engineering works is actually very simple. Through social relations such as chatter hackers can pry into the information they need. Hackers generally take advantage of the target's unconsciousness when extracting information.
One obstacle in using this technique is how hackers can convince their victims to uncover other personal data. Well, this is where the role of data that has been spread in cyberspace, including data from the leaked Lion Air customers.
With the leaked data, the perpetrators can convince their victims because they already hold certain data that they already know. The hope is that the victim can be fooled and submit other data.
"So, Lion customers / who have used Lion, please be careful, do not easily trust if contacted (unknown person)," said security observer from Vaksincom Alfons A. Tanujaya when contacted by detikINET .
Alfons also cautioned Lion Air users whose data was leaked in cyberspace so as not to use the leaked data as their password. An example is using a date of birth as a password.
"(Victims need to) be careful not to use this leaked data as a password because it will be easy to guess," he added.
Previously reported the technology blog BleepingComputer revealed as many as tens of millions of customer data from two airlines managed by Lion Air have leaked in an online forum in the past month.
The data is accessed from a virtual Amazon Web Service (AWS) storage that is opened via the web. The data is divided into two databases, the first one contains 21 million data, and the other database contains 14 million data, which are stored in backup files created on May 2019. The
leaked data consisted of information on a resident card or passenger ID, address, telephone number, e-mail, and passport number.