Thai regional airline Bangkok Airways has acknowledged it fell victim to a cybersecurity (opens in new tab) attack, which has robbed it off personally identifiable information (PII) of customers.
In a statement (opens in new tab), the airline admitted that threat actors had managed to steal sensitive information about its passengers including their name, physical and electronic contact details, passport information, historical travel details, as well as “partial credit card information.”
“On 23 August 2021, Bangkok Airways Public Company Limited discovered that the company had been a victim of [a] cybersecurity attack which resulted in unauthorized and unlawful access to its information system,” the company added.
- These are the best ransomware protection tools (opens in new tab)
- We've put together a list of the best data loss prevention services (opens in new tab)
- Shield yourself with these best identity theft protection services (opens in new tab)
The airline adds that when the incident came to light, the company took steps to contain the event, and is currently not just investigating the breach, but also trying to verify the compromised data and the affected passengers.
Between a rock and hard place
The airline however hasn’t specified the number of customers whose details have been exfiltrated, as that aspect appears to be under investigation.
Strangely, even though it has acknowledged losing “partial credit card” details, the company hasn’t yet offered subscriptions to identity fraud prevention services (opens in new tab), which companies usually do in cases of ransomware (opens in new tab) gangs getting their hands on such sensitive PII.
According to ZDNet, Bangkok Airways’ statement came just when the LockBit ransomware gang announced (opens in new tab) that it had laid its hands on 103 GB of compressed data from the campaign against the airline.
Originally the group had threatened to release the data on August 30 if its ransom demands weren’t met. However, there aren’t reports of the data being disclosed publicly, which probably means that the two parties are at the negotiating table.
Quentin Rhoads-Herrera, Director of Professional Services at Managed Detection and Response (MDR (opens in new tab)) services provider, CriticalStart believes the airline is in a tight spot. Irrespective of whether it decides to pay the ransom or risk damaging its reputation, the company has to muddle through the murky waters of disclosure compliance.
“It is up to Bangkok Airways to notify the customers impacted which might cause complications due to customers residing in several different countries. Adding on top of that the different regulatory bodies like GDPR might require responses from the airways further adding complexity,” suggests Rhoads-Herrera.
- Protect your devices with these best antivirus software (opens in new tab)
Via ZDNet (opens in new tab)