Bangkok Airways hit by LockBit ransomware cyber attack

By Laura Berrill
Bangkok Airways loses data after refusing to pay for ransomware cyber attack

Bangkok Airways has revealed it was the victim of a cyberattack from ransomware group LockBit on August 23rd, resulting in the publishing of stolen data, including partial credit card numbers and even passenger meal preferences

The company’s announcement about the matter came last Thursday, a day after LockBit posted a message on its dark web portal threatening the airline to pay a ransom or suffer a data leak.

Refusal to pay led to data dump

The airline was given five days to sort out payment, but instead of paying, it chose to disclose the breach. LockBit responded by publishing all the breach’s information. Competing claims about the resulting data loss rate it at 103GB and more than 200GB.

The data mostly contained business-related documents, but there was some passenger personal data in the mix. The personal data may have included names, nationalities, sex, phone number, email, address, passport information, travel history, partial credit card numbers and even passenger meal preferences.

The Thai regional carrier said however that no operational or aeronautical security systems were impacted.

The airline said it is investigating the incident and has informed law enforcement agencies and customers. Customers were again advised to beware of scammers, especially anyone posing as Bangkok Airways asking for information like credit card details.

A Bangkok Airways statement stated: "For primary prevention measures, the company highly recommends passengers to contact their bank or credit card provider and follow their advice and change any compromised passwords as soon as possible.”

LockBit’s aims and successes

LockBit mostly targets organisations like enterprises and governments that will be disrupted enough by ransomware so that paying up is the best option to resolve the matter.

Earlier this month the same group hit outsourcing and accounting firm, Accenture. Rumors swirled that the cybercriminals had demanded $50 million in cryptocurrency from the consulting MNC. The deadline was continually moved forward until Accenture concluded that the stolen data was not significant.

Another LockBit target was UK train operator Merseyrail, which fell victim in April. Its trains continued to run on time, but the criminals reportedly got into a company director's Office 365 account and used it to email employees and journalists about their achievement. 

 

Share

Featured Articles

How Intel AI is Powering the 2024 Paris Olympic Games

Intel's AI technology is set to transform the Paris 2024 Olympic and Paralympic Games, enhancing experiences for athletes, spectators and global audiences

OpenText’s Muhi Majzoub: Engineering Platform Growth with AI

At OpenText World Europe 2024, we heard from EVP & Chief Product Officer Muhi Majzoub about OpenText’s latest product developments and future outlook

Top 100 Women 2024: Tanja Rueckert, Bosch - No. 6

Technology Magazine’s Top 100 Women in Technology honours Bosch’s Tanja Rueckert at Number 6 for 2024

Tech & AI LIVE London: One Month to Go

Digital Transformation

OpenText CEO Roundtable: The Future of Safe Enterprise AI

Digital Transformation

Top 100 Women 2024: Julie Sweet, Accenture - No. 5

Digital Transformation