Flyselskab ramt af ransomware-angreb: Hackere lækker kundernes data

Illustration: Pressefoto/Bangkok Airways
Det thailandske flyselskab Bangkok Airways blev udsat for et ransomware-angreb, men nægtede at betale løsesum. Derefter blev deres data lækket.

Thailandske Bangkok Airways har fået lækket data, efter at flyselskabet nægtede at give efter for et ransomware-angreb.

Det skriver The Register.

Ransomware-gruppen LockBit, der står bag angrebet, gav Bangkok Airways fem dage til at betale løsesummen. I stedet for at betale meddelte flyselskabet om angrebet i en pressemeddelelse, hvilket fik hackerne til at lække mellem 100 og 200 gigabyte data, hvoraf størstedelen er virksomhedsrelaterede dokumenter, men også persondata.

De lækkede persondata kan inkludere navne, nationaliteter, køn, telefonnumre, e-mailadresser, adresser, pas-oplysninger, rejsehistorik og delvise kreditkortnumre.

Bangkok Airways har informeret kunder og de relevante myndigheder og undersøger nu angrebet.

Tips og korrekturforslag til denne historie sendes til tip@version2.dk
Følg forløbet
Kommentarer (1)
sortSortér kommentarer
  • Ældste først
  • Nyeste først
  • Bedste først
#1 Jens Beltofte

Har jeg selv modtaget følgende e-mail, dog har jeg siden jeg fløj med Bangkok Airways for nogle år siden fået både nyt pas og nye kreditkort.....

Dear Valued Customer,

On 23 August 2021, we have discovered that we had been a victim of cybersecurity attack which resulted in unauthorized and unlawful access to our information system.

Upon such discovery, we immediately took action to investigate and contain such event, with the assistance of a leading cybersecurity firm. Currently, we are investigating, as a matter of urgency, to verify the compromised data and the affected passengers as well as taking relevant measures to strengthen our IT system.

We write to inform you now out of the greatest caution that this incident has exposed some of your personal data in our possession to be compromised by the attacker. From our investigation, the personal data that has been accessed are passenger name, family name, nationality, gender, phone number, email, address, contact information, passport information, historical travel information, partial credit card information, and special meal information. Please be assured that such incident does not affect the aviation security and we are still open for business as usual.

This incident has been reported to the Thai police and the relevant authorities. We will continue to update you about the progress on this incident as well as information on steps and proper measures you may take to protect yourself against such exposure.

As a preliminary protection measures, we recommend you contact your bank or credit card provider and follow their advice and change any compromised passwords as soon as you can. We also would like to caution you to be aware of any suspicious and unsolicited calls and/or emails, as the attacker may be claiming to be Bangkok Airways and attempt to gather your personal data by deception (known as 'phishing'). We will not be contacting any customers asking for credit card details and/or any financial details and any such requests should be reported to the police and relevant authorities.

We regret this incident has occurred and want to reassure you that our commitment to security and privacy of your personal data remains paramount. For further correspondence on this matter, please contact us via the following channels;

• Toll-free number 1800-010-171 (within Thailand) during 08.00hrs – 17.30hrs • Toll number 800-8100-6688 (Overseas) during 08.00hrs – 17.30hrs (Thailand Time GMT+7) • Email: infosecurity@bangkokair.com

Sincerely yours, Bangkok Airways PCL.

  • 2
  • 0
Log ind eller Opret konto for at kommentere