Bangkok Airways loses customer data to a LockBit ransomware attack

Bangkok Airways loses customer data to a LockBit ransomware attack

Bangkok Airways, a regional airline based in Bangkok, Thailand, has reportedly disclosed that it was hit by a cyberattack from ransomware organization, LockBit, on the 23rd of August 2021, resulting in the publishing of the airline’s customers’ compromised data.

Bangkok Airways made the disclosure last week, after LockBit made a post on its portal on the dark web, where it threatened the airline to make a ransom payment for the stolen data or deal with the resulting information leak.

The airline was provided a deadline of five days to make the payment, but instead of doing so, it publicly disclosed the security breach. Following the announcement, LockBit responded by releasing the entirety of the stolen data. Various estimates of the size of the ensuing data dump range from 103GB to more than 200GB.

According to credible reports, the data was primarily business-related, but there was some personal information on passengers in there as well. Information such as names, gender, phone numbers, countries, emails, passport information, addresses, partial credit card numbers, travel history, and even food preferences might have been among the sensitive data.

No aeronautical and operational security systems were harmed, according to Bangkok Airways.

The airline stated that it is looking into the situation and has notified law enforcement authorities and customers. The company has warned customers to be cautious of scammers, particularly those acting as Bangkok Airways personnel and requesting personal information such as credit card numbers.

As a primary preventative measure, the airline has strongly advised its customers to contact their credit card providers or banks and follow their instructions to reset passwords that might have been compromised.

LockBit primarily targets businesses and governments that will be impacted by a ransomware sufficiently enough that paying up is the easiest way out.

Early in August, Accenture, the prominent Irish multinational consulting and professional services firm, was targeted by the gang. The cybercriminals allegedly demanded $50 million in crypto from the consultancy firm. The cybercriminals kept postponing the deadline for the ransom payment until Accenture determined that the stolen data was insignificant.

Source credit:

About the author

Sunil Jha

Sunil Jha has been a part of the content industry for close to two years. Having previously worked as a voice over artist and sportswriter, he now focuses on writing articles for, across a slew of topics, ranging from technology to trade and finance. With a business-oriented educational background, Sunil brings forth the expertise of deep-dive research and a strategic approach in his write ups.