The airline industry has been a ripe target for ransomware groups in 2022. The attackers not only target company's own infrastructure but also through their dependencies.
In Sept 2022, American Airlines has notified customers of a recent data breach after attackers compromised an undisclosed number of employee email accounts and gained access to sensitive personal information.
In August 2022, Airline technology provider Accelya, was attacked by ransomware group. Accelya provides services to Air India, Delta, British Airways, JetBlue, United, Virgin Atlantic, American Airlines, Philippine Airlines and many more [1][2][3].
Air India has sent emails to its B2B customers stating the compromise of login user IDs and passwords of a limited number of B2B clients. This data compromise happened at Air India GST portal which is provided by Accelya Solutions Ltd.
As per Philippine Airlines (PAL) impacted members who joined between 2015 to 2017. Details taken include names, date of birth, nationality, gender, and more.[3]
The AlphV/Black Cat ransomware group published data it allegedly stole from Accelya. The group claimed to have stolen emails, worker contracts and more.
In Aug 2022, Akasa airline began its operations on August 7 in India. On Aug 25, The company said that some Akasa Air registered user information limited to names, gender, email addresses and phone numbers may have been viewed by unauthorized individuals due to a technical configuration.
In May 2022, SpiceJet Airline in India and a Canadian fighter jet supplier were both hit with ransomware attacks.
In Feb 2022, There were reports that stated hackers stole the personal data of 4.5 million Air India passengers.
REF:
Comments