Travel firm plagued by long-term data breach exposing thousands of customers' info

Data Breach at Travel Company OneFly Exposes Sensitive Information

A major data breach has been discovered involving the travel company OneFly, which has left thousands of sensitive records exposed. The leaked information includes identification documents, flight numbers, and full credit card details, putting affected individuals at significant risk.

OneFly provides services to travel agencies and airlines, making it a key player in the global air ticketing industry. The breach, which occurred over several months, also revealed passenger names and other personal details. According to reports, the earliest entries in the leak date back to October 1, 2025.

The exposure of such information could have severe consequences for those impacted. Identification documents, when combined with other personal data, can be used by cybercriminals to commit identity theft. Additionally, the leak of payment card numbers, flight details, and other travel-related information could lead to financial losses due to fraud and travel scams. There is also an increased risk of phishing attacks, where attackers may use the stolen data to trick victims into revealing more sensitive information.

Cybercriminals could even use the leaked data to convincingly impersonate legitimate travel agencies, further increasing the potential for deception and harm.

Technical Vulnerabilities Contributed to the Leak

According to a report, nine internal Java Spring Applications were leaking data in real time through an Elasticsearch instance. These applications inadvertently broadcasted private data, leaving it vulnerable to unauthorized access. Since the system did not have password protection, anyone with the correct IP address could access the information.

The leak also included JSON Web Tokens (JWTs), which are digital credentials that can allow attackers to bypass security measures and gain access to user accounts without needing a password. Cybernews highlighted that these tokens could be used for user impersonation, enabling attackers to access more information from internal company systems.

Impact on Other Companies

This incident follows a similar data breach involving Vietnam Airlines, an airline that serves 20 million passengers annually. The breach involved a third-party customer service platform operated by a global technology partner, raising concerns about the security of customer data.

As a result, certain customer data might have been exposed. In response, Vietnam Airlines took immediate action by working with cybersecurity experts, relevant authorities, and the third-party partner to address the issue.

At the time, the airline confirmed that important data, including payment information, passwords, travel itineraries, Lotusmiles balances, and passport details, remained secure. However, the incident underscores the growing risks associated with data breaches in the travel industry.

Ongoing Concerns and Calls for Action

Despite the efforts made by companies like Vietnam Airlines to mitigate the damage, the frequency of such breaches raises serious concerns about data security practices. With more businesses relying on third-party platforms and cloud-based systems, the need for robust security measures has never been more critical.

The situation highlights the importance of continuous monitoring and improvement of cybersecurity protocols. Companies must ensure that their systems are properly protected, especially when handling sensitive customer information.

As investigations continue into the OneFly breach, affected individuals are advised to remain vigilant and take necessary precautions to protect their personal and financial information.