Bangkok Airways admitted the data breach happened following an unfortunate cyber attack. While they didn’t reveal many details yet, the LockBit ransomware gang has seemingly confirmed their involvement in the incident.
Bangkok Airways Data Breach
In a recent security notice, Bangkok Airways has apologised to the customers due to the data breach. Calling it a “malicious incident,” the airline revealed that the breach happened due to an “unauthorised and unlawful access” to its systems.
As revealed, Bangkok Airways noticed the breach on August 23, 2021, after which it began investigating the matter. While the investigations remain in progress, initial findings confirm that the attackers have accessed customers’ personal data. However, the incident didn’t impact the firm’s aeronautical and operational systems.
An initial investigation of the incident appeared to confirm that some of the personal data may have been accessed which are, passenger name, family name, nationality, gender, phone number, email, address, contact information, passport information, historical travel information, partial credit card information, and special meal information.
Bangkok Airways has reported the matter to the Royal Thai police and other law enforcement authorities.
Moreover, they also warn the customers to keep an eye on their bank transactions and stay wary of phishing attacks.
LockBit Ransomware Attack Suspected
Currently, Bangkok Airways has not shared any details about the nature of the cyber attack.
However, it seems that the firm has fallen prey to a ransomware attack. According to researchers, the LockBit2.0 ransomware gang has recently threatened Bangkok Airways to leak its data on their dark web site. Thus, it’s clear that the same ransomware gang has attacked the airline.
[ALERT] LockBit ransomware gang has announced Bangkok Airways on the victim list. It announced that 103GB of compressed files will be released. pic.twitter.com/LT2C0Eixxn
— DarkTracer : DarkWeb Criminal Intelligence (@darktracer_int) August 25, 2021
The attackers have claimed to have stolen over 200GB of data belonging to Bangkok Airways that they will publish online.
It presently remains unclear how the threat actors managed to infiltrate Bangkok Airways networks, their ransom demand, and whether or not they got in touch with anyone from the victim firm.