Bangkok Airways has admitted that a cyber-attack previous 7 days led to the compromise of an unspecified quantity of passengers’ personally identifiable information and facts (PII).
The Thai airline claimed in a temporary update late previous week that though the incident didn’t affect “operational or aeronautical security devices,” it does surface as if private details has been accessed.
Personalized knowledge could involve entire title, nationality, gender, phone number, email and home address, call specifics, passport and historical journey information and facts, partial credit score card facts and unique meal facts.
“This incident has been claimed to the Royal Thai police as perfectly as giving notification to the related authorities. For key avoidance actions, the corporation highly suggests travellers to make contact with their lender or credit rating card service provider and abide by their suggestions and change any compromised passwords as quickly as achievable,” the notice continued.
“In addition to that, the company would like to caution passengers to be aware of any suspicious or unsolicited calls and/or e-mails, as the attacker might be saying to be Bangkok Airways and attempt to collect own information by deception (regarded as ‘phishing’).”
While the airline itself didn’t specify how the attackers compromised its IT units or their intent, the discover appeared online at about the identical time as ransomware group LockBit 2. printed information on the attack.
A tweet citing its leak web page claimed the group experienced 103GB of stolen information from the business it prepared to launch.
LockBit 2. was also blamed for a compromise at world wide consultancy Accenture earlier this thirty day period. The Australian Cyber Security Centre (ACSC) published details on the team, which very first appeared in June, on its web site.
It exposed that LockBit 2. had been exploiting the CVE-2018-13379 vulnerability in Fortinet FortiOS and FortiProxy in an attempt to obtain original obtain into victim networks.
Some elements of this write-up are sourced from: