Cybercrime , Cybercrime as-a-service , Endpoint Security

Bangkok Airways Execs Apologize for Data Breach

LockBit Ransomware Gang Takes Credit, Threatens to Release Data
Bangkok Airways Execs Apologize for Data Breach

Bangkok Airways issued an apology late last week for a data breach that apparently compromised the personally identifiable information for an unstated number of its passengers. The LockBit ransomware gang claimed credit for the attack.

See Also: Ransomware Costing Organizations Billions as CIO's and CISO's Lose Their Jobs

The airline said in its statement it was "deeply sorry" for the incident. The initial intrusion took place on Aug. 23, and so far, the investigation has found the attackers may have accessed some personal data.

The company said the information included: passenger name, family name, nationality, gender, phone number, email, address, contact information, passport information, historical travel information, partial credit card information and special meal information.

"The incident did not affect the company's operational or aeronautical security systems. The company is investigating, as a matter of urgency, to verify the compromised data and the affected passengers as well as taking relevant measures to strengthen its IT system," Bangkok Airways said.

The company warned its passengers to be wary of any emails or phone calls claiming to be from the airline as these may be phishing attempts using the stolen data.

Lockbit Takes Credit

The LockBit ransomware gang claimed responsibility for the attack, saying it had taken 200GB of data from the airline and would post a portion of the data online Monday if its demands were not met, according to a tweet from the darknet threat intelligence firm DarkTracer.

Neither DarkTracer, LockBit nor Bangkok Airways offered details on the ransom demanded.

Bangkok Airways did not say how long the intruder had been inside its network nor how many people or records were involved. According to the research firm Statista, Bangkok Airways handled 5.8 million passengers in 2019, the last year for which data was available.

Recent Public Apologies

The apology from Bangkok Airways executives came after T-Mobile CEO Mike Sievert on Friday issued an official mea culpa for the data breach that exposed information on 54 million of the company's customers and prospects. Sievert also offered a sketchy update on the results of an investigation.

In his 1,200-word statement, the CEO says: "To say we are disappointed and frustrated that this happened is an understatement. Keeping our customers' data safe is a responsibility we take incredibly seriously, and preventing this type of event from happening has always been a top priority of ours. Unfortunately, this time we were not successful."


About the Author

Doug Olenick

Doug Olenick

Former News Editor, ISMG

Olenick has covered the cybersecurity and computer technology sectors for more than 25 years. Prior to his stint as ISMG as news editor, Olenick was online editor for SC Media, where he covered every aspect of the cybersecurity industry and managed the brand's online presence. Earlier, he worked at TWICE - This Week in Consumer Electronics - for 15 years. He also has contributed to Forbes.com, TheStreet and Mainstreet.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.