The leak consisted of publicly accessible environment files hosted on the airline’s website. It included MySQL database credentials, SMTP configuration, and other sensitive information, potentially allowing unauthorized access and phishing attacks.