Bangkok Airways, a serious airline firm in Thailand, confirmed it was the sufferer of a cyberattack earlier this month that compromised private knowledge of passengers.
The announcement got here after the LockBit ransomware gang had posted a message on their leak web site claiming the breach and threatening to publish stolen knowledge except the ransom was paid.
LockBit is identical hacker group that breached Accenture international IT consultancy large and demanded a $50 million cost to cease the leak of allegedly 6TB of stolen knowledge.
Following the assault, the risk actor mentioned that they’d collected adequate knowledge to breach some Accenture shoppers.
Passenger knowledge leaked
On Saturday, LockBit ransomware leaked greater than 200GB of information belonging to the Thai firm, suggesting that the safety of its system was in dissonance with the airline’s claims to guard its clients’ privateness.
The airline found the assault on August 23 and took steps to include the incident. An investigation additionally began, to examine what knowledge had been compromised.
Whereas the assault didn’t impression Bangkok Airways’ operational or aeronautical safety techniques, the airline said that the hackers might have accessed private knowledge belonging to passengers.
The main points uncovered through the assault embrace full names, nationality, gender, cellphone numbers, e-mail and bodily addresses, passport information, historic journey knowledge, partial bank card information, and particular meal particulars.
Bangkok Airways warns its clients that the attackers might attempt to impersonate an organization consultant in unsolicited calls or emails to gather extra private knowledge or bank card info.
Concentrate on Accenture clients
Earlier than hitting Bangkok Airways, the LockBit ransomware gang encrypted the techniques of one other airline firm, Ethiopian, and introduced on August 23 the publishing of stolen knowledge.
Each these assaults occurred after the hackers compromised the techniques of Accenture, allegedly with the assistance of an insider.
In a dialog with BleepingComputer, the risk actor mentioned that the Accenture breach gave them entry to credentials that may allow them to go after firm clients.
Though the hackers declined to call a sufferer, they claimed to have compromised an airport that was utilizing Accenture software program and encrypted its techniques.
LockBit ransomware-as-a-service (RaaS) operation has been round since September 2019 however model 2.0 of the malware has emerged earlier this 12 months, in June.
The newest replace of the malware has been utilized in at the very least 70 assaults in opposition to organizations all around the world, a transparent signal of this RaaS operation’s elevated exercise.