Bangkok Airways admits data breach ID theft

Thai regional airline Bangkok Airways has acknowledged it fell victim to a cybersecurity attack, which has robbed it off personally identifiable information (PII) of customers.

In a statement, the airline admitted that threat actors had managed to steal sensitive information about its passengers including their name, physical and electronic contact details, passport information, historical travel details, as well as “partial credit card information.”

“On 23 August 2021, Bangkok Airways Public Company Limited discovered that the company had been a victim of [a] cybersecurity attack which resulted in unauthorized and unlawful access to its information system,” the company added.

TechRadar needs you!
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

>> Click here to start the survey in a new window <<

The airline adds that when the incident came to light, the company took steps to contain the event, and is currently not just investigating the breach, but also trying to verify the compromised data and the affected passengers.

Between a rock and hard place

The airline however hasn’t specified the number of customers whose details have been exfiltrated, as that aspect appears to be under investigation. 

Strangely, even though it has acknowledged losing “partial credit card” details, the company hasn’t yet offered subscriptions to identity fraud prevention services, which companies usually do in cases of ransomware gangs getting their hands on such sensitive PII.

According to ZDNet, Bangkok Airways’ statement came just when the LockBit ransomware gang announced that it had laid its hands on 103 GB of compressed data from the campaign against the airline. 

Originally the group had threatened to release the data on August 30 if its ransom demands weren’t met. However, there aren’t reports of the data being disclosed publicly, which probably means that the two parties are at the negotiating table. 

Quentin Rhoads-Herrera, Director of Professional Services at Managed Detection and Response (MDR) services provider, CriticalStart believes the airline is in a tight spot. Irrespective of whether it decides to pay the ransom or risk damaging its reputation, the company has to muddle through the murky waters of disclosure compliance.

“It is up to Bangkok Airways to notify the customers impacted which might cause complications due to customers residing in several different countries. Adding on top of that the different regulatory bodies like GDPR might require responses from the airways further adding complexity,” suggests Rhoads-Herrera.

Via ZDNet

social experiment by Livio Acerbo #greengroundit #techradar https://www.techradar.com/news/bangkok-airways-admits-data-breach/